Provjera :)

Provjera :)

offline
  • Pridružio: 02 Sep 2013
  • Poruke: 496

Pozdrav,otvarao sam vec jednom temu u ambulanti ali mi i nije bas pomoglo,racunar je dosta usporen a ja bih cisto da budem siguran da posrijedi nijesu neki virusi Wink
Evo i logova:
dds:
DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 10.25.2
Run by PC at 18:04:44 on 2013-10-07
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.511.55 [GMT 2:00]
.
AV: ESET NOD32 Antivirus 6.0 *Enabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
.
============== Running Processes ================
.
C:\windows\system32\nvsvc32.exe
C:\windows\system32\spoolsv.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\windows\Explorer.EXE
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\HSPA USB MODEM\BackgroundService\ServiceManager.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\HSPA USB MODEM\BackgroundService\ModemListener.exe
C:\windows\system32\ctfmon.exe
C:\windows\System32\alg.exe
C:\Program Files\HSPA USB MODEM\ModemApplication.exe
C:\windows\system32\msfeedssync.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\windows\System32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k imgsvc
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.windowsxlive.net
uInternet Connection Wizard,ShellNext = iexplore
uProxyServer = socks=
uProxyOverride = regnow.com,www.regnow.com,avangate.com,www.avangate.com,
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Free Download Manager: {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - c:\program files\free download manager\iefdm2.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [egui] "c:\program files\eset\eset nod32 antivirus\egui.exe" /hide /waitservice
mRun: [MTel_ontenegro Imola ModemListener] c:\program files\hspa usb modem\backgroundservice\ModemListener.exe start
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
uPolicies-Explorer: NoDriveTypeAutoRun = dword:221
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: Download all with Free Download Manager - c:\program files\free download manager\dlall.htm
IE: Download selected with Free Download Manager - c:\program files\free download manager\dlselected.htm
IE: Download video on this page - <no file>
IE: Download video this links to - <no file>
IE: Download video with Free Download Manager - c:\program files\free download manager\dlfvideo.htm
IE: Download with Free Download Manager - c:\program files\free download manager\dllink.htm
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {B4FECE59-6D0A-4EE6-A07F-E6A94F846E55} - d:\mp4 player\YTVD_IE.dll/300
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
TCP: Interfaces\{2314A5AB-BB9D-4D55-B6FD-B430B65DEBAB} : NameServer = 213.133.3.5 10.11.12.14
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
AppInit_DLLs= c:\docume~1\alluse~1\applic~1\bitguard\261673~1.238\{c16c1~1\bitguard.dll
LSA: Authentication Packages = msv1_0 nwprovau
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\28.0.1500.95\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\pc\application data\mozilla\firefox\profiles\knvwfllt.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.windowsxlive.net
FF - component: c:\program files\mozilla firefox\extensions\{ab2ce124-6272-4b12-94a9-7303c7397bd1}\components\SkypeFfComponent.dll
FF - plugin: c:\documents and settings\pc\local settings\application data\unity\webplayer\loader\npUnity3D32.dll
FF - plugin: c:\program files\google\update\1.3.21.153\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_8_800_168.dll
FF - plugin: c:\windows\system32\npDeployJava1.dll
FF - plugin: c:\windows\system32\npptools.dll
FF - ExtSQL: 2013-09-27 20:56; fdm_ffext@freedownloadmanager.org; c:\program files\free download manager\firefox\Extension
.
============= SERVICES / DRIVERS ===============
.
R1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [2013-6-25 37664]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [2013-1-10 122240]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [2013-1-10 105784]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\system32\drivers\HWiNFO32.SYS [2013-9-11 22560]
R2 ekrn;ESET Service;c:\program files\eset\eset nod32 antivirus\ekrn.exe [2013-3-21 1341664]
R2 MTel_ontenegro Imola Modem Device Helper;MTel_ontenegro Imola Modem Device Helper;c:\program files\hspa usb modem\backgroundservice\servicemanager.exe -start --> c:\program files\hspa usb modem\backgroundservice\ServiceManager.exe -start [?]
R3 jrdusbser;Modem Interface Device for Legacy Serial Communication;c:\windows\system32\drivers\jrdusbser.sys [2013-1-28 106112]
S0 tdlhwo;tdlhwo;c:\windows\system32\drivers\fdaqq.sys --> c:\windows\system32\drivers\fdaqq.sys [?]
S3 DrvAgent32;DrvAgent32;c:\windows\system32\drivers\DrvAgent32.sys [2013-9-21 23456]
S3 SWDUMon;SWDUMon;c:\windows\system32\drivers\SWDUMon.sys [2013-9-20 13464]
.
=============== Created Last 30 ================
.
2013-10-06 12:22:23 -------- d-----w- c:\documents and settings\pc\application data\Wise Care 365
2013-10-05 17:33:33 -------- d-----w- c:\documents and settings\pc\local settings\application data\Opera
2013-10-05 15:43:38 -------- d-----w- c:\windows\OPTIONS
2013-10-04 17:32:03 -------- d-----w- c:\program files\TGTSoft
2013-10-04 16:42:04 218624 ----a-w- c:\windows\system32\uxtheme.uxtender
2013-10-04 16:40:07 218624 -c--a-w- c:\windows\system32\dllcache\uxtheme.dll
2013-10-02 12:59:29 -------- d-----w- c:\documents and settings\pc\application data\Locktime
2013-10-02 12:55:54 -------- d-----w- c:\documents and settings\all users\application data\Locktime
2013-10-02 12:07:19 -------- d-----w- c:\documents and settings\pc\local settings\application data\ESET
2013-10-02 11:48:22 -------- d-----w- c:\program files\ESET
2013-10-01 19:56:09 -------- d-----w- C:\Temp
2013-09-30 17:45:56 275696 ----a-w- c:\windows\system32\mucltui.dll
2013-09-30 17:45:56 214256 ----a-w- c:\windows\system32\muweb.dll
2013-09-30 17:45:56 17136 ----a-w- c:\windows\system32\mucltui.dll.mui
2013-09-29 18:38:52 -------- d-----w- c:\windows\system32\AVGUARD_526aa1ee
2013-09-28 19:34:13 -------- d-----w- c:\windows\system32\PreInstall
2013-09-28 18:46:26 -------- d-----w- c:\windows\system32\SoftwareDistribution
2013-09-28 18:44:54 -------- d-sh--w- c:\documents and settings\pc\IECompatCache
2013-09-28 18:29:39 79872 -c----w- c:\windows\system32\dllcache\msxml6r.dll
2013-09-28 18:29:39 79872 ------w- c:\windows\system32\msxml6r.dll
2013-09-28 18:29:39 1306624 -c----w- c:\windows\system32\dllcache\msxml6.dll
2013-09-28 18:29:38 1306624 ------w- c:\windows\system32\msxml6.dll
2013-09-28 18:29:34 33792 ------w- c:\program files\messenger\custsat.dll
2013-09-28 18:27:59 6144 ------w- c:\windows\system32\kbdpash.dll
2013-09-28 18:16:44 -------- d-----w- c:\windows\ServicePackFiles
2013-09-28 18:15:47 294912 ------w- c:\program files\windows media player\dlimport.exe
2013-09-28 18:15:32 294912 -c----w- c:\windows\system32\dllcache\dlimport.exe
2013-09-28 18:08:59 73216 ------w- c:\windows\system32\drivers\atintuxx.sys
2013-09-28 17:33:23 -------- d-----w- C:\acf061117b02497cfd2f94de36
2013-09-27 18:59:05 -------- d-----w- C:\Downloads
2013-09-27 18:56:22 -------- d-----w- c:\documents and settings\pc\application data\Free Download Manager
2013-09-27 18:56:02 -------- d-----w- c:\program files\Free Download Manager
2013-09-27 16:49:54 155648 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\iuser.dll
2013-09-27 16:49:53 696320 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\iKernel.dll
2013-09-27 16:49:53 57344 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\ctor.dll
2013-09-27 16:49:53 5632 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\DotNetInstaller.exe
2013-09-27 16:49:53 237568 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\iscript.dll
2013-09-27 16:49:52 163972 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\iGdi.dll
2013-09-27 16:49:51 282756 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\setup.dll
2013-09-26 14:44:09 -------- d-----w- c:\documents and settings\pc\local settings\application data\Help
2013-09-24 15:34:50 -------- d-----w- C:\kopija
2013-09-21 09:13:06 23456 ----a-w- c:\windows\system32\drivers\DrvAgent32.sys
2013-09-21 09:13:05 -------- d-----w- c:\documents and settings\pc\local settings\application data\eSupport.com
2013-09-21 08:24:59 5632 ----a-w- c:\windows\system32\ptpusb.dll
2013-09-21 08:24:57 159232 ----a-w- c:\windows\system32\ptpusd.dll
2013-09-21 08:24:56 15104 ----a-w- c:\windows\system32\drivers\usbscan.sys
2013-09-20 18:03:05 -------- d-----w- c:\program files\Realtek
2013-09-20 17:55:07 13464 ----a-w- c:\windows\system32\drivers\SWDUMon.sys
2013-09-20 17:54:48 -------- d-----w- c:\documents and settings\pc\local settings\application data\SlimWare Utilities Inc
2013-09-20 17:08:52 -------- d-----w- C:\9ae28e166f0b1ac215ec60
2013-09-19 16:18:10 -------- d-----w- c:\program files\Activision
2013-09-18 13:21:30 -------- d-----w- c:\documents and settings\pc\application data\Python-Eggs
2013-09-18 13:20:44 -------- d-----w- c:\documents and settings\pc\application data\BitLord
2013-09-16 17:36:45 -------- d-----w- c:\documents and settings\pc\application data\IconTweaker
2013-09-13 17:21:38 -------- d--h--w- c:\windows\Icons
2013-09-13 16:47:42 -------- d-----w- c:\documents and settings\pc\application data\TuneUp Software
2013-09-13 16:46:48 -------- d-----w- c:\documents and settings\all users\application data\TuneUp Software
2013-09-13 16:42:51 -------- d-sh--w- c:\documents and settings\all users\application data\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
2013-09-13 15:07:24 -------- d-----w- C:\log fajlovi
2013-09-12 14:38:07 -------- d-sh--w- c:\documents and settings\pc\PrivacIE
2013-09-12 14:36:44 -------- d-sh--w- c:\documents and settings\pc\IETldCache
2013-09-12 14:32:44 -------- dc-h--w- c:\windows\ie8
2013-09-12 14:23:11 -------- d--h--w- c:\windows\$hf_mig$
2013-09-11 13:19:08 22560 ----a-w- c:\windows\system32\drivers\HWiNFO32.SYS
2013-09-11 13:18:54 -------- d-----w- c:\program files\HWiNFO32
2013-09-10 15:17:57 -------- d-----w- C:\AdwCleaner
2013-09-09 16:11:23 -------- d-----w- c:\program files\CPUID
.
==================== Find3M ====================
.
2013-10-04 16:42:04 218624 ----a-w- c:\windows\system32\uxtheme.dll
2013-09-26 15:02:05 6656 ----a-w- c:\windows\system32\lpcio.dll
2013-09-10 17:07:48 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-09-10 17:07:48 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-08-23 16:08:46 773800 ----a-w- c:\windows\system32\msvcr100.dll
2013-08-23 16:08:45 421032 ----a-w- c:\windows\system32\msvcp100.dll
2013-08-14 15:03:39 37664 ----a-w- c:\windows\system32\drivers\avgtpx86.sys
2013-07-22 14:10:15 22328 ----a-w- c:\documents and settings\pc\application data\PnkBstrK.sys
.
============= FINISH: 18:05:27,74 ===============
attach:

https://www.mycity.rs/must-login.png

rip
  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 27 Apr 2008
  • Poruke: 9160
  • Gde živiš: Prokuplje

Pozdrav.


Preuzmi FRST - (Farbar Recovery Scan Tool) i sacuvaj ga na Desktop

Napomena: Potrebno je preuzeti onu verziju koja je kompatibilna sa tvojim sistemom.


Dvoklikom pokreni FRST;
Kada se alat startuje, klikni Yes na disclaimer.
Klikni na dugme Scan;
Alat ce kreirati izvestaj (FRST.txt) u isti direktorijum gde je i FRST.exe sacuvan.
Iskopiraj sadrzaj tog loga u poruku.
Alat bi takodje pri prvom pokretanju trebao da kreira i dodatni izvestaj (Addition.txt). Taj izvestaj okaci u poruku koristeci opciju "Prikaci file".





********************





Preuzmi TDSSKiller i sacuvaj ga na Desktop
Dvoklikom pokreni TDSSKiller.exe ...

klikni na dugme Start Scan

Ukoliko sumnjive stavke Suspicious object budu detektovani, podrazumevana opcija (default action) jeste Skip, klikni na Continue.
Ukoliko maliciozni objekti Malicious objects budu detektovani, izaberi opciju Cure.


Okaci mi sadrzaj log-a sa sledece lokacije:
C:\TDSSKiller_verzija programa_DD.MM.GG_HH.MM.SS.txt
(DD-dan, MM-mesec, GG-godina, HH-sat, MM-minut, SS-sekunda; datum i vreme kada je log napravljen)[/quote]

offline
  • Pridružio: 02 Sep 2013
  • Poruke: 496

Napisano: 08 Okt 2013 13:36

frst:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 03-10-2013
Ran by PC (administrator) on WIN-504A72A0AE9 on 08-10-2013 13:31:37
Running from C:\Documents and Settings\PC\My Documents\Преузимања
Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(NVIDIA Corporation) C:\windows\system32\nvsvc32.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
() C:\Program Files\HSPA USB MODEM\BackgroundService\ServiceManager.exe
() C:\Program Files\HSPA USB MODEM\BackgroundService\ModemListener.exe
() C:\Program Files\HSPA USB MODEM\ModemApplication.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(FreeDownloadManager.ORG) C:\Program Files\Free Download Manager\fdm.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [MTel_ontenegro Imola ModemListener] - C:\Program Files\HSPA USB MODEM\BackgroundService\ModemListener.exe [125504 2012-05-14] ()
HKLM\...\Run: [NvCplDaemon] - RUNDLL32.EXE C:\windows\system32\NvCpl.dll,NvStartup
HKCU\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
MountPoints2: {0636c47e-9d04-11e2-8781-001a92453887} - F:\autorun.exe
AppInit_DLLs: c:\docume~1\alluse~1\applic~1\bitguard\261673~1.238\{c16c1~1\bitguard.dll [ ] ()
Lsa: [Authentication Packages] msv1_0 nwprovau

==================== Internet (Whitelisted) ====================

ProxyServer: socks=
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.windowsxlive.net
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope 3AC374FC-8DCB-4AE5-8637-483CDFE8E029 URL = http://searchou.com/q=
SearchScopes: HKCU - 3AC374FC-8DCB-4AE5-8637-483CDFE8E029 URL = http://searchou.com/q=
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Free Download Manager - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll ()
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\..\Interfaces\{2314A5AB-BB9D-4D55-B6FD-B430B65DEBAB}: [NameServer]213.133.3.5 10.11.12.14

FireFox:
========
FF ProfilePath: C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\knvwfllt.default
FF user.js: detected! => C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\knvwfllt.default\user.js
FF Homepage: hxxp://www.windowsxlive.net
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Documents and Settings\PC\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazon-en-GB.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-en-GB.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\pogodakyu.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\vokabular.xml
FF Extension: YouTube Video Downloader Extension - C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\knvwfllt.default\Extensions\YTVD_FF
FF Extension: fdm_ffext - C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\knvwfllt.default\Extensions\fdm_ffext@freedownloadmanager.org
FF Extension: No Name - C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\knvwfllt.default\Extensions\{c4dc572a-3295-40eb-b30f-b54aa4cdc4b7}.xpi
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird

Chrome:
=======
CHR HomePage: hxxp://www.windowsxlive.net/
CHR RestoreOnStartup: "hxxp://www.google.com"
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\28.0.1500.95\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\28.0.1500.95\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\28.0.1500.95\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft DRM) - C:\Program Files\Windows Media Player\npdrmv2.dll (Microsoft Corporation)
CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Program Files\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))
CHR Plugin: (Microsoft DRM) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corporation)
CHR Plugin: (Unity Player) - C:\Documents and Settings\PC\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
CHR Plugin: (Picasa) - C:\Program Files\Google\Picasa3\npPicasa3.dll No File
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Shockwave Flash) - C:\windows\system32\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\windows\system32\npDeployJava1.dll (Oracle Corporation)
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

========================== Services (Whitelisted) =================

R2 MTel_ontenegro Imola Modem Device Helper; C:\Program Files\HSPA USB MODEM\BackgroundService\ServiceManager.exe [53312 2012-03-14] ()
R2 NWCWorkstation; C:\Windows\System32\nwwks.dll [65536 2008-04-14] (Microsoft Corporation)
R2 JavaQuickStarterService; "C:\Program Files\Java\jre7\bin\jqs.exe" -service -config "C:\Program Files\Java\jre7\lib\deploy\jqs\jqs.conf"

==================== Drivers (Whitelisted) ====================

R1 avgtp; C:\windows\system32\drivers\avgtpx86.sys [37664 2013-08-14] (AVG Technologies)
S3 DrvAgent32; C:\windows\system32\Drivers\DrvAgent32.sys [23456 2013-09-21] (Phoenix Technologies)
S3 HdAudAddService; C:\Windows\System32\drivers\HdAudio.sys [145920 2005-01-07] (Windows (R) Server 2003 DDK provider)
R3 HSF_DPV; C:\Windows\System32\DRIVERS\HSF_DPV.sys [1035008 2005-08-22] (Conexant Systems, Inc.)
R1 HWiNFO32; C:\windows\system32\drivers\HWiNFO32.SYS [22560 2013-09-11] (REALiX(tm))
R3 irsir; C:\Windows\System32\DRIVERS\irsir.sys [18688 2001-08-17] (Microsoft Corporation)
R3 jrdusbser; C:\Windows\System32\DRIVERS\jrdusbser.sys [106112 2011-06-20] (TCT International Mobile Ltd)
R3 ms_mpu401; C:\Windows\System32\drivers\msmpu401.sys [2944 2001-08-17] (Microsoft Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [5810 2004-08-13] ()
R2 NwlnkIpx; C:\Windows\System32\DRIVERS\nwlnkipx.sys [88320 2008-04-14] (Microsoft Corporation)
R2 NwlnkNb; C:\Windows\System32\DRIVERS\nwlnknb.sys [63232 2004-08-04] (Microsoft Corporation)
R2 NwlnkSpx; C:\Windows\System32\DRIVERS\nwlnkspx.sys [55936 2004-08-04] (Microsoft Corporation)
R3 NWRDR; C:\Windows\System32\DRIVERS\nwrdr.sys [163584 2008-04-14] (Microsoft Corporation)
R3 Rasirda; C:\Windows\System32\DRIVERS\rasirda.sys [19584 2001-08-17] (Microsoft Corporation)
R3 SenFiltService; C:\Windows\System32\drivers\Senfilt.sys [392960 2006-03-17] (Sensaura)
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [13464 2013-09-21] ()
S3 taphss; C:\Windows\System32\DRIVERS\taphss.sys [33512 2013-02-13] (AnchorFree Inc)
S4 IntelIde; No ImagePath
U5 ScsiPort; C:\Windows\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation)
S0 tdlhwo; System32\drivers\fdaqq.sys [x]
U1 WS2IFSL;

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-10-08 13:31 - 2013-10-08 13:31 - 00000000 ____D C:\FRST
2013-10-07 20:59 - 2013-10-07 20:59 - 00000282 _____ C:\windows\Tasks\ExpressZipDowngrade.job
2013-10-07 18:05 - 2013-10-07 18:05 - 00012705 _____ C:\Documents and Settings\PC\Desktop\dds.txt
2013-10-07 18:05 - 2013-10-07 18:05 - 00008433 _____ C:\Documents and Settings\PC\Desktop\attach.txt
2013-10-07 18:03 - 2013-10-07 18:04 - 00688992 ____R (Swearware) C:\Documents and Settings\PC\Desktop\dds.scr
2013-10-06 20:54 - 2013-10-06 20:55 - 00000000 ____D C:\Documents and Settings\PC\Desktop\prezentacije za deveti
2013-10-06 20:11 - 2013-10-06 20:38 - 00000000 ____D C:\Documents and Settings\PC\Desktop\natalija
2013-10-06 19:11 - 2013-10-07 19:59 - 00002185 _____ C:\windows\setupapi.log
2013-10-06 15:44 - 2013-10-06 15:46 - 00000000 ____D C:\Documents and Settings\PC\Desktop\evropa priprema
2013-10-06 15:42 - 2013-10-06 16:53 - 00044032 _____ C:\Documents and Settings\PC\Desktop\evropa reljef i vode priprema
2013-10-06 15:30 - 2013-10-06 15:30 - 00069624 _____ C:\Documents and Settings\PC\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2013-10-06 15:27 - 2013-10-08 13:17 - 00070646 _____ C:\windows\WindowsUpdate.log
2013-10-06 15:27 - 2013-10-08 13:17 - 00000159 _____ C:\windows\wiadebug.log
2013-10-06 15:27 - 2013-10-08 13:17 - 00000049 _____ C:\windows\wiaservc.log
2013-10-06 15:27 - 2013-10-06 15:27 - 00000000 _____ C:\windows\Sti_Trace.log
2013-10-06 15:26 - 2013-10-06 15:26 - 00265416 _____ C:\windows\system32\FNTCACHE.DAT
2013-10-06 14:22 - 2013-10-06 14:22 - 00000000 ____D C:\Documents and Settings\PC\Application Data\Wise Care 365
2013-10-06 13:42 - 2013-10-06 13:42 - 03932214 _____ C:\Documents and Settings\PC\Desktop\internet1.bmp
2013-10-05 19:45 - 2013-10-05 22:25 - 00006711 _____ C:\Documents and Settings\PC\Desktop\попис.jpeg
2013-10-05 19:34 - 2013-10-05 19:34 - 00000824 _____ C:\Documents and Settings\PC\Start Menu\µTorrent.lnk
2013-10-05 19:34 - 2013-10-05 19:34 - 00000824 _____ C:\Documents and Settings\PC\Desktop\µTorrent.lnk
2013-10-05 19:33 - 2013-10-05 19:33 - 00000000 ____D C:\Documents and Settings\PC\Local Settings\Application Data\Opera
2013-10-05 19:33 - 2013-10-05 19:33 - 00000000 ____D C:\Documents and Settings\PC\Application Data\Opera
2013-10-05 19:32 - 2013-10-05 19:32 - 00001505 _____ C:\Documents and Settings\All Users\Start Menu\Programs\Opera.lnk
2013-10-05 19:32 - 2013-10-05 19:32 - 00001499 _____ C:\Documents and Settings\All Users\Desktop\Opera.lnk
2013-10-05 19:31 - 2013-10-05 19:32 - 00000000 ____D C:\Program Files\Opera
2013-10-05 17:43 - 2013-10-05 17:43 - 00000000 ____D C:\windows\OPTIONS
2013-10-05 17:43 - 2013-10-05 17:43 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Realtek
2013-10-05 17:42 - 2013-10-05 17:42 - 00000000 ____D C:\Documents and Settings\PC\Application Data\InstallShield
2013-10-05 17:40 - 2013-10-05 17:40 - 00000000 ____D C:\Documents and Settings\PC\My Documents\P5PL2-E-ASUS-1002
2013-10-04 20:00 - 2013-10-04 20:49 - 00000045 _____ C:\TEST.XML
2013-10-04 18:52 - 2013-10-04 18:52 - 00000000 ____D C:\Documents and Settings\LocalService\Local Settings\Application Data\ESET
2013-10-04 18:42 - 2008-04-25 19:41 - 00218624 _____ (Microsoft Corporation) C:\windows\system32\uxtheme.uxtender
2013-10-04 18:40 - 2008-04-25 19:41 - 00218624 ____C (Microsoft Corporation) C:\windows\system32\dllcache\uxtheme.dll
2013-10-02 19:09 - 2013-10-08 13:30 - 00000000 ____D C:\Documents and Settings\PC\My Documents\Преузимања
2013-10-02 18:46 - 2013-10-02 18:50 - 00000017 _____ C:\Documents and Settings\PC\Desktop\psihikal memori.txt
2013-10-02 16:50 - 2013-10-02 16:50 - 00000737 _____ C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk
2013-10-02 16:50 - 2013-10-02 16:50 - 00000731 _____ C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
2013-10-02 16:50 - 2013-10-02 16:50 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-10-02 16:36 - 2013-10-06 16:59 - 00000000 ____D C:\Documents and Settings\PC\Desktop\naja fajlovi
2013-10-02 16:31 - 2013-10-02 19:55 - 00065536 _____ C:\windows\system32\config\NetLimit.evt
2013-10-02 14:59 - 2013-10-02 14:59 - 00000000 ____D C:\Documents and Settings\PC\Application Data\Locktime
2013-10-02 14:55 - 2013-10-02 14:55 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Locktime
2013-10-02 14:07 - 2013-10-02 14:07 - 00000000 ____D C:\Documents and Settings\PC\Local Settings\Application Data\ESET
2013-09-30 23:13 - 2013-09-30 23:13 - 00006376 _____ C:\avenger.txt
2013-09-30 23:13 - 2013-09-30 23:13 - 00000000 ____D C:\Avenger
2013-09-30 19:45 - 2013-09-30 20:55 - 00001945 _____ C:\windows\epplauncher.mif
2013-09-30 19:45 - 2012-06-02 15:18 - 00275696 _____ (Microsoft Corporation) C:\windows\system32\mucltui.dll
2013-09-30 19:45 - 2012-06-02 15:18 - 00214256 _____ (Microsoft Corporation) C:\windows\system32\muweb.dll
2013-09-30 19:45 - 2012-06-02 15:18 - 00017136 _____ (Microsoft Corporation) C:\windows\system32\mucltui.dll.mui
2013-09-30 10:49 - 2013-10-02 16:35 - 00000000 ____D C:\Documents and Settings\PC\Desktop\New Folder
2013-09-29 20:38 - 2013-09-29 20:39 - 00000000 ____D C:\windows\system32\AVGUARD_526aa1ee
2013-09-28 21:34 - 2013-09-28 21:34 - 00000000 __HDC C:\windows\$NtUninstallKB898461$
2013-09-28 21:34 - 2013-09-28 21:34 - 00000000 ____D C:\windows\system32\PreInstall
2013-09-28 20:44 - 2013-09-28 20:44 - 00000000 __SHD C:\Documents and Settings\PC\IECompatCache
2013-09-28 20:39 - 2013-09-28 20:39 - 00000090 _____ C:\windows\system32\spupdwxp.log
2013-09-28 20:29 - 2008-04-14 05:42 - 01306624 ____N (Microsoft Corporation) C:\windows\system32\msxml6.dll
2013-09-28 20:29 - 2008-04-14 05:42 - 01306624 ____C (Microsoft Corporation) C:\windows\system32\dllcache\msxml6.dll
2013-09-28 20:29 - 2008-04-14 05:40 - 00294912 ____C (Microsoft Corporation) C:\windows\system32\dllcache\msaud32.acm
2013-09-28 20:29 - 2008-04-14 05:40 - 00086016 ____C (Sipro Lab Telecom Inc.) C:\windows\system32\dllcache\sl_anet.acm
2013-09-28 20:29 - 2008-04-14 05:39 - 00290816 ____C (Fraunhofer Institut Integrierte Schaltungen IIS) C:\windows\system32\dllcache\l3codeca.acm
2013-09-28 20:29 - 2008-04-13 22:58 - 00184959 ____C C:\windows\system32\dllcache\compact.wmz
2013-09-28 20:29 - 2008-04-13 22:58 - 00066725 ____C C:\windows\system32\dllcache\revert.wmz
2013-09-28 20:29 - 2008-04-13 22:57 - 00079872 ____N (Microsoft Corporation) C:\windows\system32\msxml6r.dll
2013-09-28 20:29 - 2008-04-13 22:57 - 00079872 ____C (Microsoft Corporation) C:\windows\system32\dllcache\msxml6r.dll
2013-09-28 20:29 - 2007-06-26 11:30 - 00572557 ____C C:\windows\system32\dllcache\rtuner.wmv
2013-09-28 20:29 - 2007-06-26 11:30 - 00457607 ____C C:\windows\system32\dllcache\mdlib.wmv
2013-09-28 20:29 - 2007-06-26 11:30 - 00381425 ____C C:\windows\system32\dllcache\copycd.wmv
2013-09-28 20:29 - 2007-06-26 11:30 - 00375519 ____C C:\windows\system32\dllcache\nuskin.wmv
2013-09-28 20:29 - 2007-06-26 11:30 - 00354468 ____C C:\windows\system32\dllcache\wmpaud1.wav
2013-09-28 20:29 - 2007-06-26 11:30 - 00343204 ____C C:\windows\system32\dllcache\wmpaud7.wav
2013-09-28 20:29 - 2007-06-26 11:30 - 00343204 ____C C:\windows\system32\dllcache\wmpaud6.wav
2013-09-28 20:29 - 2007-06-26 11:30 - 00300969 ____C C:\windows\system32\dllcache\viz.wmv
2013-09-28 20:29 - 2007-06-26 11:30 - 00172196 ____C C:\windows\system32\dllcache\wmpaud9.wav
2013-09-28 20:29 - 2007-06-26 11:30 - 00172196 ____C C:\windows\system32\dllcache\wmpaud8.wav
2013-09-28 20:29 - 2007-06-26 11:30 - 00172196 ____C C:\windows\system32\dllcache\wmpaud3.wav
2013-09-28 20:29 - 2007-06-26 11:30 - 00086196 ____C C:\windows\system32\dllcache\wmpaud5.wav
2013-09-28 20:29 - 2007-06-26 11:30 - 00086180 ____C C:\windows\system32\dllcache\wmpaud4.wav
2013-09-28 20:29 - 2007-06-26 11:30 - 00086180 ____C C:\windows\system32\dllcache\wmpaud2.wav
2013-09-28 20:29 - 2007-06-26 11:30 - 00022060 ____C C:\windows\system32\dllcache\npds.zip
2013-09-28 20:29 - 2007-06-26 11:30 - 00010457 ____C C:\windows\system32\dllcache\wmptour.hta
2013-09-28 20:29 - 2007-06-26 11:30 - 00009585 ____C C:\windows\system32\dllcache\controls.css
2013-09-28 20:29 - 2007-06-26 11:30 - 00008298 ____C C:\windows\system32\dllcache\contents.htm
2013-09-28 20:29 - 2007-06-26 11:30 - 00006878 ____C C:\windows\system32\dllcache\controls.js
2013-09-28 20:29 - 2007-06-26 11:30 - 00005971 ____C C:\windows\system32\dllcache\events.js
2013-09-28 20:29 - 2007-06-26 11:30 - 00003187 ____C C:\windows\system32\dllcache\tour.js
2013-09-28 20:29 - 2007-06-26 11:30 - 00001771 ____C C:\windows\system32\dllcache\wmptour.css
2013-09-28 20:29 - 2007-06-26 11:30 - 00001148 ____C C:\windows\system32\dllcache\snd.htm
2013-09-28 20:29 - 2007-06-26 11:30 - 00000420 ____C C:\windows\system32\dllcache\wmploc.js
2013-09-28 20:29 - 2007-06-26 11:29 - 00097117 ____C C:\windows\system32\dllcache\mplayer2.hlp
2013-09-28 20:29 - 2007-06-26 11:29 - 00001885 ____C C:\windows\system32\dllcache\mplayer2.cnt
2013-09-28 20:29 - 2007-06-26 11:28 - 00613334 ____C C:\windows\system32\dllcache\wmplayer.chm
2013-09-28 20:29 - 2007-06-26 11:28 - 00067374 ____C C:\windows\system32\dllcache\wmplayer.adm
2013-09-28 20:29 - 2007-06-26 11:26 - 00077307 ____C C:\windows\system32\dllcache\plyr_err.chm
2013-09-28 20:29 - 2007-06-26 11:26 - 00001477 ____C C:\windows\system32\dllcache\plylst6.wpl
2013-09-28 20:29 - 2007-06-26 11:26 - 00001477 ____C C:\windows\system32\dllcache\plylst5.wpl
2013-09-28 20:29 - 2007-06-26 11:26 - 00001474 ____C C:\windows\system32\dllcache\plylst3.wpl
2013-09-28 20:29 - 2007-06-26 11:26 - 00001451 ____C C:\windows\system32\dllcache\plylst12.wpl
2013-09-28 20:29 - 2007-06-26 11:26 - 00001448 ____C C:\windows\system32\dllcache\plylst4.wpl
2013-09-28 20:29 - 2007-06-26 11:26 - 00001250 ____C C:\windows\system32\dllcache\plylst1.wpl
2013-09-28 20:29 - 2007-06-26 11:26 - 00001049 ____C C:\windows\system32\dllcache\plylst2.wpl
2013-09-28 20:29 - 2007-06-26 11:26 - 00001046 ____C C:\windows\system32\dllcache\plylst7.wpl
2013-09-28 20:29 - 2007-06-26 11:26 - 00001036 ____C C:\windows\system32\dllcache\plylst8.wpl
2013-09-28 20:29 - 2007-06-26 11:26 - 00000789 ____C C:\windows\system32\dllcache\plylst11.wpl
2013-09-28 20:29 - 2007-06-26 11:26 - 00000787 ____C C:\windows\system32\dllcache\plylst10.wpl
2013-09-28 20:29 - 2007-06-26 11:26 - 00000784 ____C C:\windows\system32\dllcache\plylst9.wpl
2013-09-28 20:29 - 2007-06-26 11:26 - 00000783 ____C C:\windows\system32\dllcache\plylst13.wpl
2013-09-28 20:29 - 2007-06-26 11:26 - 00000775 ____C C:\windows\system32\dllcache\plylst14.wpl
2013-09-28 20:29 - 2007-06-26 11:26 - 00000733 ____C C:\windows\system32\dllcache\plylst15.wpl
2013-09-28 20:29 - 2007-06-26 11:26 - 00000403 ____C C:\windows\system32\dllcache\npdrmv2.zip
2013-09-28 20:29 - 2007-04-02 23:21 - 00023195 ____C C:\windows\system32\dllcache\wmplay.chm
2013-09-28 20:28 - 2008-04-14 05:42 - 00023040 ____N (ATI Technologies Inc.) C:\windows\system32\ativmvxx.ax
2013-09-28 20:28 - 2008-04-14 05:42 - 00010752 ____N (Microsoft Corporation) C:\windows\system32\smtpapi.dll
2013-09-28 20:28 - 2008-04-14 05:42 - 00009728 ____N (Microsoft Corporation) C:\windows\system32\rwnh.dll
2013-09-28 20:28 - 2008-04-14 05:42 - 00009728 ____N (ATI Technologies Inc.) C:\windows\system32\ativdaxx.ax
2013-09-28 20:28 - 2008-04-14 05:41 - 01888992 ____N (ATI Technologies Inc. ) C:\windows\system32\ati3duag.dll
2013-09-28 20:28 - 2008-04-14 05:41 - 00870784 ____N (ATI Technologies Inc. ) C:\windows\system32\ati3d1ag.dll
2013-09-28 20:28 - 2008-04-14 05:41 - 00650752 ____N (Microsoft Corporation) C:\windows\system32\dot3ui.dll
2013-09-28 20:28 - 2008-04-14 05:41 - 00516768 ____N (ATI Technologies Inc. ) C:\windows\system32\ativvaxx.dll
2013-09-28 20:28 - 2008-04-14 05:41 - 00377984 ____N (ATI Technologies Inc.) C:\windows\system32\ati2dvaa.dll
2013-09-28 20:28 - 2008-04-14 05:41 - 00233472 ____N (Microsoft Corporation) C:\windows\system32\azroles.dll
2013-09-28 20:28 - 2008-04-14 05:41 - 00229376 ____N (ATI Technologies Inc.) C:\windows\system32\ati2cqag.dll
2013-09-28 20:28 - 2008-04-14 05:41 - 00201728 ____N (ATI Technologies Inc.) C:\windows\system32\ati2dvag.dll
2013-09-28 20:28 - 2008-04-14 05:41 - 00184832 ____N (Microsoft Corporation) C:\windows\system32\eapp3hst.dll
2013-09-28 20:28 - 2008-04-14 05:41 - 00180224 ____N (Microsoft Corporation) C:\windows\system32\eapphost.dll
2013-09-28 20:28 - 2008-04-14 05:41 - 00136192 ____N (Microsoft Corporation) C:\windows\system32\aaclient.dll
2013-09-28 20:28 - 2008-04-14 05:41 - 00132096 ____N (Microsoft Corporation) C:\windows\system32\dot3svc.dll
2013-09-28 20:28 - 2008-04-14 05:41 - 00126976 ____N (Microsoft Corporation) C:\windows\system32\eappcfg.dll
2013-09-28 20:28 - 2008-04-14 05:41 - 00094208 ____N (Microsoft Corporation) C:\windows\system32\eappgnui.dll
2013-09-28 20:28 - 2008-04-14 05:41 - 00081920 ____N (Microsoft Corporation) C:\windows\system32\ieencode.dll
2013-09-28 20:28 - 2008-04-14 05:41 - 00059392 ____N (Microsoft Corporation) C:\windows\system32\eapqec.dll
2013-09-28 20:28 - 2008-04-14 05:41 - 00057856 ____N (Microsoft Corporation) C:\windows\system32\dot3cfg.dll
2013-09-28 20:28 - 2008-04-14 05:41 - 00056320 ____N (Microsoft Corporation) C:\windows\system32\dot3msm.dll
2013-09-28 20:28 - 2008-04-14 05:41 - 00048640 ____N (Microsoft Corporation) C:\windows\system32\dhcpqec.dll
2013-09-28 20:28 - 2008-04-14 05:41 - 00040960 ____N (Microsoft Corporation) C:\windows\system32\eappprxy.dll
2013-09-28 20:28 - 2008-04-14 05:41 - 00039936 ____N (Microsoft Corporation) C:\windows\system32\dot3gpclnt.dll
2013-09-28 20:28 - 2008-04-14 05:41 - 00039936 ____N (Microsoft Corporation) C:\windows\system32\dimsroam.dll
2013-09-28 20:28 - 2008-04-14 05:41 - 00033792 ____N (Microsoft Corporation) C:\windows\system32\eapsvc.dll
2013-09-28 20:28 - 2008-04-14 05:41 - 00032768 ____N (ATI Technologies Inc.) C:\windows\system32\ativtmxx.dll
2013-09-28 20:28 - 2008-04-14 05:41 - 00032285 ____N (Conexant Systems, Inc.) C:\windows\system32\hsfcisp2.dll
2013-09-28 20:28 - 2008-04-14 05:41 - 00030720 ____N (Microsoft Corporation) C:\windows\system32\eapolqec.dll
2013-09-28 20:28 - 2008-04-14 05:41 - 00026112 ____N (Microsoft Corporation) C:\windows\system32\dot3api.dll
2013-09-28 20:28 - 2008-04-14 05:41 - 00019456 ____N (Microsoft Corporation) C:\windows\system32\dimsntfy.dll
2013-09-28 20:28 - 2008-04-14 05:41 - 00012800 ____N (Microsoft Corporation) C:\windows\system32\credssp.dll
2013-09-28 20:28 - 2008-04-14 05:41 - 00009216 ____N (Microsoft Corporation) C:\windows\system32\dot3dlg.dll
2013-09-28 20:28 - 2008-04-14 05:41 - 00007168 ____N (Microsoft Corporation) C:\windows\system32\bitsprx4.dll
2013-09-28 20:28 - 2008-04-14 05:40 - 00102912 ____C (Microsoft Corporation) C:\windows\system32\dllcache\dpcdll.dll
2013-09-28 20:28 - 2008-04-14 00:15 - 00046592 ____N (Microsoft Corporation) C:\windows\system32\Drivers\irbus.sys
2013-09-28 20:28 - 2008-04-14 00:13 - 00009728 ____N (Microsoft Corporation) C:\windows\system32\comsdupd.exe
2013-09-28 20:27 - 2013-09-28 20:27 - 00000000 ____D C:\windows\system32\scripting
2013-09-28 20:27 - 2013-09-28 20:27 - 00000000 ____D C:\windows\system32\bits
2013-09-28 20:27 - 2013-09-28 20:27 - 00000000 ____D C:\windows\l2schemas
2013-09-28 20:27 - 2008-04-14 05:42 - 01737856 ____N (Matrox Graphics Inc.) C:\windows\system32\mtxparhd.dll
2013-09-28 20:27 - 2008-04-14 05:42 - 00712704 ____N (Microsoft Corporation) C:\windows\system32\windowscodecs.dll
2013-09-28 20:27 - 2008-04-14 05:42 - 00412160 ____N (Microsoft Corporation) C:\windows\system32\photometadatahandler.dll
2013-09-28 20:27 - 2008-04-14 05:42 - 00397056 ____N (S3 Graphics, Inc.) C:\windows\system32\s3gnb.dll
2013-09-28 20:27 - 2008-04-14 05:42 - 00346112 ____N (Microsoft Corporation) C:\windows\system32\windowscodecsext.dll
2013-09-28 20:27 - 2008-04-14 05:42 - 00291328 ____N (Microsoft Corporation) C:\windows\system32\qagentrt.dll
2013-09-28 20:27 - 2008-04-14 05:42 - 00290304 ____N (Microsoft Corporation) C:\windows\system32\rhttpaa.dll
2013-09-28 20:27 - 2008-04-14 05:42 - 00286792 ____N (Smart Link) C:\windows\system32\slextspk.dll
2013-09-28 20:27 - 2008-04-14 05:42 - 00276992 ____N (Microsoft Corporation) C:\windows\system32\wmphoto.dll
2013-09-28 20:27 - 2008-04-14 05:42 - 00193024 ____N (Microsoft Corporation) C:\windows\system32\napmontr.dll
2013-09-28 20:27 - 2008-04-14 05:42 - 00188508 ____N (Smart Link) C:\windows\system32\slgen.dll
2013-09-28 20:27 - 2008-04-14 05:42 - 00176640 ____N (Microsoft Corporation) C:\windows\system32\napstat.exe
2013-09-28 20:27 - 2008-04-14 05:42 - 00155136 ____N (Microsoft Corporation) C:\windows\system32\mssha.dll
2013-09-28 20:27 - 2008-04-14 05:42 - 00150528 ____N (Microsoft Corporation) C:\windows\system32\qagent.dll
2013-09-28 20:27 - 2008-04-14 05:42 - 00144384 ____N (Microsoft Corporation) C:\windows\system32\onex.dll
2013-09-28 20:27 - 2008-04-14 05:42 - 00076800 ____N (Microsoft Corporation) C:\windows\system32\qutil.dll
2013-09-28 20:27 - 2008-04-14 05:42 - 00073832 ____N (Smart Link) C:\windows\system32\slcoinst.dll
2013-09-28 20:27 - 2008-04-14 05:42 - 00073796 ____N (Smart Link) C:\windows\system32\slserv.exe
2013-09-28 20:27 - 2008-04-14 05:42 - 00069120 ____N (Microsoft Corporation) C:\windows\system32\wlanapi.dll
2013-09-28 20:27 - 2008-04-14 05:42 - 00062464 ____N (Microsoft Corporation) C:\windows\system32\qcliprov.dll
2013-09-28 20:27 - 2008-04-14 05:42 - 00061952 ____N (Microsoft Corporation) C:\windows\system32\rasqec.dll
2013-09-28 20:27 - 2008-04-14 05:42 - 00060416 ____N (Microsoft Corporation) C:\windows\system32\tzchange.exe
2013-09-28 20:27 - 2008-04-14 05:42 - 00053248 ____N (Microsoft Corporation) C:\windows\system32\tsgqec.dll
2013-09-28 20:27 - 2008-04-14 05:42 - 00050688 ____N (Microsoft Corporation) C:\windows\system32\tspkg.dll
2013-09-28 20:27 - 2008-04-14 05:42 - 00033792 ____N (Microsoft Corporation) C:\windows\system32\mmcperf.exe
2013-09-28 20:27 - 2008-04-14 05:42 - 00032866 ____N (Smart Link) C:\windows\system32\slrundll.exe
2013-09-28 20:27 - 2008-04-14 05:42 - 00032866 ____N (Smart Link) C:\windows\slrundll.exe
2013-09-28 20:27 - 2008-04-14 05:42 - 00032768 ____N (Microsoft Corporation) C:\windows\system32\setupn.exe
2013-09-28 20:27 - 2008-04-14 05:42 - 00030208 ____N (Microsoft Corporation) C:\windows\system32\napipsec.dll
2013-09-28 20:27 - 2008-04-14 05:42 - 00028672 ____N (Microsoft Corporation) C:\windows\system32\vidcap.ax
2013-09-28 20:27 - 2008-04-14 05:42 - 00028672 ____N (Microsoft Corporation) C:\windows\system32\verclsid.exe
2013-09-28 20:27 - 2008-04-14 05:41 - 00397312 ____N (Microsoft Corporation) C:\windows\system32\mmcex.dll
2013-09-28 20:27 - 2008-04-14 05:41 - 00184320 ____N (Microsoft Corporation) C:\windows\system32\microsoft.managementconsole.dll
2013-09-28 20:27 - 2008-04-14 05:41 - 00106496 ____N (Microsoft Corporation) C:\windows\system32\mmcfxcommon.dll
2013-09-28 20:27 - 2008-04-14 05:41 - 00061440 ____N (Microsoft Corporation) C:\windows\system32\kmsvc.dll
2013-09-28 20:27 - 2008-04-14 05:41 - 00037376 ____N (Microsoft Corporation) C:\windows\system32\l2gpstore.dll
2013-09-28 20:27 - 2008-04-14 05:39 - 00006144 ____N (Microsoft Corporation) C:\windows\system32\kbdpash.dll
2013-09-28 20:27 - 2008-04-14 05:39 - 00006144 ____N (Microsoft Corporation) C:\windows\system32\kbdnepr.dll
2013-09-28 20:27 - 2008-04-14 05:39 - 00006144 ____N (Microsoft Corporation) C:\windows\system32\kbdiultn.dll
2013-09-28 20:27 - 2008-04-14 05:39 - 00006144 ____N (Microsoft Corporation) C:\windows\system32\kbdbhc.dll
2013-09-28 20:27 - 2008-04-13 23:45 - 00076800 ____N (Microsoft Corporation) C:\windows\system32\msshavmsg.dll
2013-09-28 20:27 - 2008-04-13 23:09 - 00689152 ____N (Microsoft Corporation) C:\windows\system32\xpsp3res.dll
2013-09-28 20:16 - 2013-09-28 20:29 - 00000000 ____D C:\windows\ServicePackFiles
2013-09-28 20:15 - 2008-04-14 05:42 - 00294912 ____C (Microsoft Corporation) C:\windows\system32\dllcache\dlimport.exe
2013-09-28 20:09 - 2008-04-14 05:41 - 00004255 ____N (Intel(R) Corporation) C:\windows\system32\Drivers\adv01nt5.dll
2013-09-28 20:09 - 2008-04-14 05:41 - 00003967 ____N (Intel(R) Corporation) C:\windows\system32\Drivers\adv02nt5.dll
2013-09-28 20:09 - 2008-04-14 05:41 - 00003775 ____N (Intel(R) Corporation) C:\windows\system32\Drivers\adv11nt5.dll
2013-09-28 20:09 - 2008-04-14 05:41 - 00003711 ____N (Intel(R) Corporation) C:\windows\system32\Drivers\adv09nt5.dll
2013-09-28 20:09 - 2008-04-14 05:41 - 00003647 ____N (Intel(R) Corporation) C:\windows\system32\Drivers\adv07nt5.dll
2013-09-28 20:09 - 2008-04-14 05:41 - 00003615 ____N (Intel(R) Corporation) C:\windows\system32\Drivers\adv05nt5.dll
2013-09-28 20:09 - 2008-04-14 05:41 - 00003135 ____N (Intel(R) Corporation) C:\windows\system32\Drivers\adv08nt5.dll
2013-09-28 20:09 - 2008-04-14 00:06 - 00044928 ____N (Microsoft Corporation) C:\windows\system32\Drivers\agpcpq.sys
2013-09-28 20:09 - 2008-04-14 00:06 - 00043008 ____N (Advanced Micro Devices, Inc.) C:\windows\system32\Drivers\amdagp.sys
2013-09-28 20:09 - 2008-04-14 00:06 - 00042752 ____N (Microsoft Corporation) C:\windows\system32\Drivers\alim1541.sys
2013-09-28 20:09 - 2008-04-14 00:06 - 00042368 ____N (Microsoft Corporation) C:\windows\system32\Drivers\agp440.sys
2013-09-28 20:09 - 2008-04-13 22:04 - 00701440 ____N (ATI Technologies Inc.) C:\windows\system32\Drivers\ati2mtag.sys
2013-09-28 20:09 - 2008-04-13 22:04 - 00327040 ____N (ATI Technologies Inc.) C:\windows\system32\Drivers\ati2mtaa.sys
2013-09-28 20:09 - 2008-04-13 22:04 - 00104960 ____N (ATI Technologies Inc.) C:\windows\system32\Drivers\atinrvxx.sys
2013-09-28 20:09 - 2008-04-13 22:04 - 00063663 ____N (ATI Technologies Inc.) C:\windows\system32\Drivers\ati1rvxx.sys
2013-09-28 20:09 - 2008-04-13 22:04 - 00057856 ____N (ATI Technologies Inc.) C:\windows\system32\Drivers\atinbtxx.sys
2013-09-28 20:09 - 2008-04-13 22:04 - 00056623 ____N (ATI Technologies Inc.) C:\windows\system32\Drivers\ati1btxx.sys
2013-09-28 20:09 - 2008-04-13 22:04 - 00052224 ____N (ATI Technologies Inc.) C:\windows\system32\Drivers\atinraxx.sys
2013-09-28 20:09 - 2008-04-13 22:04 - 00036463 ____N (ATI Technologies Inc.) C:\windows\system32\Drivers\ati1tuxx.sys
2013-09-28 20:09 - 2008-04-13 22:04 - 00034735 ____N (ATI Technologies Inc.) C:\windows\system32\Drivers\ati1xsxx.sys
2013-09-28 20:09 - 2008-04-13 22:04 - 00030671 ____N (ATI Technologies Inc.) C:\windows\system32\Drivers\ati1raxx.sys
2013-09-28 20:09 - 2008-04-13 22:04 - 00029455 ____N (ATI Technologies Inc.) C:\windows\system32\Drivers\ati1xbxx.sys
2013-09-28 20:09 - 2008-04-13 22:04 - 00028672 ____N (ATI Technologies Inc.) C:\windows\system32\Drivers\atinsnxx.sys
2013-09-28 20:09 - 2008-04-13 22:04 - 00026367 ____N (ATI Technologies Inc.) C:\windows\system32\Drivers\ati1snxx.sys
2013-09-28 20:09 - 2008-04-13 22:04 - 00021343 ____N (ATI Technologies Inc.) C:\windows\system32\Drivers\ati1ttxx.sys
2013-09-28 20:09 - 2008-04-13 22:04 - 00014336 ____N (ATI Technologies Inc.) C:\windows\system32\Drivers\atinpdxx.sys
2013-09-28 20:09 - 2008-04-13 22:04 - 00013824 ____N (ATI Technologies Inc.) C:\windows\system32\Drivers\atinttxx.sys
2013-09-28 20:09 - 2008-04-13 22:04 - 00013824 ____N (ATI Technologies Inc.) C:\windows\system32\Drivers\atinmdxx.sys
2013-09-28 20:09 - 2008-04-13 22:04 - 00012047 ____N (ATI Technologies Inc.) C:\windows\system32\Drivers\ati1pdxx.sys
2013-09-28 20:09 - 2008-04-13 22:04 - 00011615 ____N (ATI Technologies Inc.) C:\windows\system32\Drivers\ati1mdxx.sys
2013-09-28 20:08 - 2008-04-14 05:42 - 00011325 ____N (Intel(R) Corporation) C:\windows\system32\Drivers\vchnt5.dll
2013-09-28 20:08 - 2008-04-14 05:42 - 00003901 ____N (Intel(R) Corporation) C:\windows\system32\Drivers\siint5.dll
2013-09-28 20:08 - 2008-04-14 05:41 - 00025471 ____N (Intel(R) Corporation) C:\windows\system32\Drivers\atv04nt5.dll
2013-09-28 20:08 - 2008-04-14 05:41 - 00021183 ____N (Intel(R) Corporation) C:\windows\system32\Drivers\atv01nt5.dll
2013-09-28 20:08 - 2008-04-14 05:41 - 00017279 ____N (Intel(R) Corporation) C:\windows\system32\Drivers\atv10nt5.dll
2013-09-28 20:08 - 2008-04-14 05:41 - 00015423 ____N (Intel(R) Corporation) C:\windows\system32\Drivers\ch7xxnt5.dll
2013-09-28 20:08 - 2008-04-14 05:41 - 00014143 ____N (Intel(R) Corporation) C:\windows\system32\Drivers\atv06nt5.dll
2013-09-28 20:08 - 2008-04-14 05:41 - 00011359 ____N (Intel(R) Corporation) C:\windows\system32\Drivers\atv02nt5.dll
2013-09-28 20:08 - 2008-04-14 00:26 - 00030592 ____N (Microsoft Corporation) C:\windows\system32\Drivers\rndismpx.sys
2013-09-28 20:08 - 2008-04-14 00:26 - 00012800 ____N (Microsoft Corporation) C:\windows\system32\Drivers\usb8023x.sys
2013-09-28 20:08 - 2008-04-14 00:21 - 00101120 ____N (Microsoft Corporation) C:\windows\system32\Drivers\bthpan.sys
2013-09-28 20:08 - 2008-04-14 00:16 - 00273024 ____N (Microsoft Corporation) C:\windows\system32\Drivers\bthport.sys
2013-09-28 20:08 - 2008-04-14 00:16 - 00121984 ____N (Microsoft Corporation) C:\windows\system32\Drivers\usbvideo.sys
2013-09-28 20:08 - 2008-04-14 00:16 - 00059136 ____N (Microsoft Corporation) C:\windows\system32\Drivers\rfcomm.sys
2013-09-28 20:08 - 2008-04-14 00:16 - 00037888 ____N (Microsoft Corporation) C:\windows\system32\Drivers\bthmodem.sys
2013-09-28 20:08 - 2008-04-14 00:16 - 00036480 ____N (Microsoft Corporation) C:\windows\system32\Drivers\bthprint.sys
2013-09-28 20:08 - 2008-04-14 00:16 - 00025600 ____N (Microsoft Corporation) C:\windows\system32\Drivers\hidbth.sys
2013-09-28 20:08 - 2008-04-14 00:16 - 00018944 ____N (Microsoft Corporation) C:\windows\system32\Drivers\bthusb.sys
2013-09-28 20:08 - 2008-04-14 00:16 - 00017024 ____N (Microsoft Corporation) C:\windows\system32\Drivers\bthenum.sys
2013-09-28 20:08 - 2008-04-14 00:15 - 00019200 ____N (Microsoft Corporation) C:\windows\system32\Drivers\hidir.sys
2013-09-28 20:08 - 2008-04-14 00:13 - 00014208 ____N (Microsoft Corporation) C:\windows\system32\Drivers\wacompen.sys
2013-09-28 20:08 - 2008-04-14 00:13 - 00012672 ____N (Microsoft Corporation) C:\windows\system32\Drivers\mutohpen.sys
2013-09-28 20:08 - 2008-04-14 00:10 - 00010240 ____N (Microsoft Corporation) C:\windows\system32\Drivers\sffp_mmc.sys
2013-09-28 20:08 - 2008-04-14 00:06 - 00046464 ____N (Microsoft Corporation) C:\windows\system32\Drivers\gagp30kx.sys
2013-09-28 20:08 - 2008-04-14 00:06 - 00044672 ____N (Microsoft Corporation) C:\windows\system32\Drivers\uagp35.sys
2013-09-28 20:08 - 2008-04-14 00:06 - 00042240 ____N (Microsoft Corporation) C:\windows\system32\Drivers\viaagp.sys
2013-09-28 20:08 - 2008-04-14 00:06 - 00040960 ____N (Silicon Integrated Systems Corporation) C:\windows\system32\Drivers\sisagp.sys
2013-09-28 20:08 - 2008-04-14 00:06 - 00005888 ____N (Microsoft Corporation) C:\windows\system32\Drivers\smbali.sys
2013-09-28 20:08 - 2008-04-13 23:53 - 01309184 ____N (Smart Link) C:\windows\system32\Drivers\mtlstrm.sys
2013-09-28 20:08 - 2008-04-13 23:53 - 01041536 ____N (Conexant Systems, Inc.) C:\windows\system32\Drivers\hsfdpsp2.sys
2013-09-28 20:08 - 2008-04-13 23:53 - 00685056 ____N (Conexant Systems, Inc.) C:\windows\system32\Drivers\hsfcxts2.sys
2013-09-28 20:08 - 2008-04-13 23:53 - 00404990 ____N (Smart Link) C:\windows\system32\Drivers\slntamr.sys
2013-09-28 20:08 - 2008-04-13 23:53 - 00220032 ____N (Conexant Systems, Inc.) C:\windows\system32\Drivers\hsfbs2s2.sys
2013-09-28 20:08 - 2008-04-13 23:53 - 00180360 ____N (Smart Link) C:\windows\system32\Drivers\ntmtlfax.sys
2013-09-28 20:08 - 2008-04-13 23:53 - 00129535 ____N (Smart Link) C:\windows\system32\Drivers\slnt7554.sys
2013-09-28 20:08 - 2008-04-13 23:53 - 00126686 ____N (Smart Link) C:\windows\system32\Drivers\mtlmnt5.sys
2013-09-28 20:08 - 2008-04-13 23:53 - 00095424 ____N (Smart Link) C:\windows\system32\Drivers\slnthal.sys
2013-09-28 20:08 - 2008-04-13 23:53 - 00013776 ____N (Smart Link) C:\windows\system32\Drivers\recagent.sys
2013-09-28 20:08 - 2008-04-13 23:53 - 00013240 ____N (Smart Link) C:\windows\system32\Drivers\slwdmsup.sys
2013-09-28 20:08 - 2008-04-13 22:04 - 00452736 ____N (Matrox Graphics Inc.) C:\windows\system32\Drivers\mtxparhm.sys
2013-09-28 20:08 - 2008-04-13 22:04 - 00166912 ____N (S3 Graphics, Inc.) C:\windows\system32\Drivers\s3gnbm.sys
2013-09-28 20:08 - 2008-04-13 22:04 - 00073216 ____N (ATI Technologies Inc.) C:\windows\system32\Drivers\atintuxx.sys
2013-09-28 20:08 - 2008-04-13 22:04 - 00063488 ____N (ATI Technologies Inc.) C:\windows\system32\Drivers\atinxsxx.sys
2013-09-28 20:08 - 2008-04-13 22:04 - 00031744 ____N (ATI Technologies Inc.) C:\windows\system32\Drivers\atinxbxx.sys
2013-09-28 20:08 - 2008-04-13 22:04 - 00025471 ____N (Intel(R) Corporation) C:\windows\system32\Drivers\watv10nt.sys
2013-09-28 20:08 - 2008-04-13 22:04 - 00022271 ____N (Intel(R) Corporation) C:\windows\system32\Drivers\watv06nt.sys
2013-09-28 20:08 - 2008-04-13 22:04 - 00011935 ____N (Intel(R) Corporation) C:\windows\system32\Drivers\wadv11nt.sys
2013-09-28 20:08 - 2008-04-13 22:04 - 00011871 ____N (Intel(R) Corporation) C:\windows\system32\Drivers\wadv09nt.sys
2013-09-28 20:08 - 2008-04-13 22:04 - 00011807 ____N (Intel(R) Corporation) C:\windows\system32\Drivers\wadv07nt.sys
2013-09-28 20:08 - 2008-04-13 22:04 - 00011295 ____N (Intel(R) Corporation) C:\windows\system32\Drivers\wadv08nt.sys
2013-09-28 20:08 - 2007-04-02 21:36 - 00129045 ____N C:\windows\system32\Drivers\cxthsfs2.cty
2013-09-28 20:08 - 2006-12-29 20:21 - 00064352 ____N C:\windows\system32\Drivers\ativmc20.cod
2013-09-28 20:08 - 2006-12-29 20:02 - 00067866 ____N C:\windows\system32\Drivers\netwlan5.img
2013-09-28 19:51 - 2013-09-28 20:04 - 00000000 __HDC C:\windows\$NtServicePackUninstall$
2013-09-28 19:33 - 2013-09-28 20:36 - 00000000 ____D C:\acf061117b02497cfd2f94de36
2013-09-27 20:56 - 2013-10-08 13:31 - 00000000 ____D C:\Documents and Settings\PC\Application Data\Free Download Manager
2013-09-27 20:56 - 2013-09-27 20:56 - 00000000 ____D C:\Program Files\Free Download Manager
2013-09-27 20:56 - 2013-09-27 20:56 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Free Download Manager
2013-09-27 20:13 - 2013-09-27 20:13 - 00001890 _____ C:\windows\diagwrn.xml
2013-09-27 20:13 - 2013-09-27 20:13 - 00001890 _____ C:\windows\diagerr.xml
2013-09-27 19:05 - 2013-10-03 15:21 - 00000000 ____D C:\Documents and Settings\PC\My Documents\Max Payne 2 Savegames
2013-09-27 19:03 - 2013-09-27 19:03 - 00000421 _____ C:\Documents and Settings\All Users\Desktop\Max Payne 2.lnk
2013-09-26 16:44 - 2013-09-26 16:44 - 00000000 ____D C:\Documents and Settings\PC\Local Settings\Application Data\Help
2013-09-25 17:39 - 2013-10-04 18:24 - 00000278 _____ C:\windows\Tasks\PixillionDowngrade.job
2013-09-24 18:41 - 2013-09-24 18:41 - 00002441 _____ C:\DelFix.txt
2013-09-24 17:34 - 2013-09-24 17:36 - 00000000 ____D C:\kopija
2013-09-23 19:15 - 2013-09-25 17:30 - 00000000 ____D C:\Documents and Settings\PC\Desktop\izborna
2013-09-23 19:14 - 2013-10-06 15:31 - 00000000 ____D C:\Documents and Settings\PC\Desktop\EVROPA
2013-09-23 19:14 - 2013-09-23 19:14 - 00000000 ____D C:\Documents and Settings\PC\Desktop\ZAPAD. I SEV.E
2013-09-23 19:14 - 2013-09-23 19:14 - 00000000 ____D C:\Documents and Settings\PC\Desktop\SREDNJA E
2013-09-23 19:14 - 2013-09-23 19:14 - 00000000 ____D C:\Documents and Settings\PC\Desktop\JUŽNA E
2013-09-23 19:14 - 2013-09-23 19:14 - 00000000 ____D C:\Documents and Settings\PC\Desktop\ISTOČNA E
2013-09-23 19:12 - 2013-09-23 19:12 - 00000000 ____D C:\Documents and Settings\PC\Desktop\Zupa, izlozba starina 2008
2013-09-22 16:04 - 2013-09-22 16:04 - 00000000 __SHD C:\Documents and Settings\Administrator\IETldCache
2013-09-22 16:03 - 2013-09-22 16:04 - 00000000 ____D C:\Documents and Settings\Administrator
2013-09-22 16:03 - 2013-09-22 16:03 - 00000884 __RSH C:\Documents and Settings\Administrator\ntuser.pol
2013-09-22 16:03 - 2013-09-22 16:03 - 00000020 ___SH C:\Documents and Settings\Administrator\ntuser.ini
2013-09-22 16:03 - 2013-09-22 16:03 - 00000000 ____D C:\windows\CSC
2013-09-22 16:03 - 2013-01-23 21:00 - 00001599 _____ C:\Documents and Settings\Administrator\Start Menu\Programs\Remote Assistance.lnk
2013-09-22 16:03 - 2013-01-23 21:00 - 00000792 _____ C:\Documents and Settings\Administrator\Start Menu\Programs\Windows Media Player.lnk
2013-09-22 16:03 - 2013-01-23 21:00 - 00000000 ___RD C:\Documents and Settings\Administrator\Start Menu\Programs\Accessories
2013-09-21 21:42 - 2013-09-21 21:42 - 00000088 _____ C:\Documents and Settings\PC\12486963251304217549.log
2013-09-21 16:58 - 2013-09-21 16:58 - 00000884 __RSH C:\Documents and Settings\PC\ntuser.pol
2013-09-21 11:13 - 2013-09-21 11:13 - 00023456 _____ (Phoenix Technologies) C:\windows\system32\Drivers\DrvAgent32.sys
2013-09-21 11:13 - 2013-09-21 11:13 - 00000000 ____D C:\Documents and Settings\PC\Local Settings\Application Data\eSupport.com
2013-09-21 10:24 - 2008-04-14 00:15 - 00015104 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbscan.sys
2013-09-21 10:24 - 2004-08-04 00:56 - 00159232 _____ (Microsoft Corporation) C:\windows\system32\ptpusd.dll
2013-09-21 10:24 - 2001-08-17 22:36 - 00005632 _____ (Microsoft Corporation) C:\windows\system32\ptpusb.dll
2013-09-20 20:03 - 2013-09-20 20:03 - 00000000 ____D C:\Program Files\Realtek
2013-09-20 19:55 - 2013-09-21 15:17 - 00013464 _____ C:\windows\system32\Drivers\SWDUMon.sys
2013-09-20 19:54 - 2013-09-20 19:54 - 00000000 ____D C:\Documents and Settings\PC\Local Settings\Application Data\SlimWare Utilities Inc
2013-09-20 19:49 - 2013-09-20 19:49 - 00000000 ____D C:\Documents and Settings\All Users\Documents\Downloaded Installers
2013-09-20 19:09 - 2013-09-20 19:09 - 00000000 __HDC C:\windows\$NtUninstallKB884020$
2013-09-20 19:08 - 2013-09-20 19:08 - 00000000 ____D C:\9ae28e166f0b1ac215ec60
2013-09-19 20:01 - 2013-09-19 20:13 - 00000000 ____D C:\Documents and Settings\PC\Desktop\pjesme za liki
2013-09-19 18:18 - 2013-09-19 18:18 - 00000000 ____D C:\Program Files\Activision
2013-09-19 15:14 - 2013-09-19 18:11 - 00000000 ____D C:\Documents and Settings\PC\Desktop\indija
2013-09-18 15:31 - 2013-09-18 15:31 - 00000854 _____ C:\Documents and Settings\PC\Local Settings\Application Data\recently-used.xbel
2013-09-18 15:21 - 2013-09-18 15:21 - 00000000 ____D C:\Documents and Settings\PC\Application Data\Python-Eggs
2013-09-18 15:20 - 2013-09-22 11:49 - 00000000 ____D C:\Documents and Settings\PC\Start Menu\Programs\BitLord
2013-09-18 15:20 - 2013-09-21 16:36 - 00000000 ____D C:\Documents and Settings\PC\Application Data\BitLord
2013-09-18 15:19 - 2013-09-21 16:32 - 00000000 ____D C:\Documents and Settings\PC\My Documents\BitLord
2013-09-16 19:36 - 2013-09-28 12:34 - 00000000 ____D C:\Documents and Settings\PC\Application Data\IconTweaker
2013-09-16 19:34 - 2013-09-16 19:34 - 00000812 _____ C:\Documents and Settings\All Users\Start Menu\Programs\Express Zip.lnk
2013-09-16 19:34 - 2013-09-16 19:34 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Utilities
2013-09-16 19:34 - 2013-09-16 19:34 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\NCH Software Suite
2013-09-16 18:54 - 2013-09-16 18:54 - 00000000 ____D C:\Documents and Settings\LocalService\Application Data\TuneUp Software
2013-09-16 14:52 - 2013-09-17 22:50 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\SkypEmoticons
2013-09-13 19:24 - 2013-10-06 14:28 - 00000000 ____D C:\Documents and Settings\PC\Desktop\visual
2013-09-13 19:21 - 2013-09-16 19:27 - 00000000 ___HD C:\windows\Icons
2013-09-13 18:49 - 2013-09-22 17:30 - 00065536 _____ C:\windows\system32\config\TuneUp.evt
2013-09-13 18:47 - 2013-09-13 19:13 - 00000000 ____D C:\Documents and Settings\PC\Application Data\TuneUp Software
2013-09-13 18:46 - 2013-09-22 17:04 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\TuneUp Software
2013-09-13 18:42 - 2013-09-13 19:08 - 00000000 __SHD C:\Documents and Settings\All Users\Application Data\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
2013-09-13 17:07 - 2013-09-13 17:15 - 00000000 ____D C:\log fajlovi
2013-09-12 16:38 - 2013-10-08 13:25 - 00000416 ____H C:\windows\Tasks\User_Feed_Synchronization-{5559DAB7-EE7E-47C6-AA63-F8A51739AF30}.job
2013-09-12 16:38 - 2013-09-12 16:38 - 00000000 __SHD C:\Documents and Settings\PC\PrivacIE
2013-09-12 16:36 - 2013-09-12 16:36 - 00000000 __SHD C:\Documents and Settings\PC\IETldCache
2013-09-12 16:34 - 2013-09-12 16:35 - 00065536 _____ C:\windows\system32\config\Internet.evt
2013-09-12 16:32 - 2013-09-12 16:34 - 00000000 __HDC C:\windows\ie8
2013-09-12 16:23 - 2013-10-01 13:37 - 00000000 ___HD C:\windows\$hf_mig$
2013-09-12 16:23 - 2013-09-15 19:59 - 00000000 __HDC C:\windows\$NtUninstallKB932823-v3$
2013-09-11 15:19 - 2013-09-11 15:19 - 00022560 _____ (REALiX(tm)) C:\windows\system32\Drivers\HWiNFO32.SYS
2013-09-11 15:18 - 2013-09-11 15:18 - 00000000 ____D C:\Program Files\HWiNFO32
2013-09-11 15:18 - 2013-09-11 15:18 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\HWiNFO32
2013-09-10 17:17 - 2013-09-22 16:51 - 00000000 ____D C:\AdwCleaner
2013-09-09 18:11 - 2013-10-07 17:57 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\CPUID
2013-09-09 18:11 - 2013-09-14 17:05 - 00000000 ____D C:\Program Files\CPUID

==================== One Month Modified Files and Folders =======

2013-10-08 13:31 - 2013-10-08 13:31 - 00000000 ____D C:\FRST
2013-10-08 13:31 - 2013-09-27 20:56 - 00000000 ____D C:\Documents and Settings\PC\Application Data\Free Download Manager
2013-10-08 13:30 - 2013-10-02 19:09 - 00000000 ____D C:\Documents and Settings\PC\My Documents\Преузимања
2013-10-08 13:27 - 2013-08-17 21:22 - 00000878 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-10-08 13:25 - 2013-09-12 16:38 - 00000416 ____H C:\windows\Tasks\User_Feed_Synchronization-{5559DAB7-EE7E-47C6-AA63-F8A51739AF30}.job
2013-10-08 13:22 - 2013-03-10 12:19 - 00000830 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2013-10-08 13:20 - 2013-08-17 21:22 - 00000874 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-10-08 13:20 - 2013-01-24 10:41 - 00000000 _____ C:\windows\system32\nvapps.xml
2013-10-08 13:17 - 2013-10-06 15:27 - 00070646 _____ C:\windows\WindowsUpdate.log
2013-10-08 13:17 - 2013-10-06 15:27 - 00000159 _____ C:\windows\wiadebug.log
2013-10-08 13:17 - 2013-10-06 15:27 - 00000049 _____ C:\windows\wiaservc.log
2013-10-08 13:17 - 2013-01-23 21:44 - 00000000 ____D C:\windows\system32\ias
2013-10-08 13:16 - 2013-01-23 21:04 - 00000006 ____H C:\windows\Tasks\SA.DAT
2013-10-07 21:52 - 2013-01-23 21:05 - 00000178 ___SH C:\Documents and Settings\PC\ntuser.ini
2013-10-07 21:52 - 2013-01-23 21:04 - 00032470 _____ C:\windows\SchedLgU.Txt
2013-10-07 20:59 - 2013-10-07 20:59 - 00000282 _____ C:\windows\Tasks\ExpressZipDowngrade.job
2013-10-07 19:59 - 2013-10-06 19:11 - 00002185 _____ C:\windows\setupapi.log
2013-10-07 18:55 - 2013-02-10 19:41 - 00000000 ____D C:\Documents and Settings\PC\Local Settings\Application Data\Adobe
2013-10-07 18:05 - 2013-10-07 18:05 - 00012705 _____ C:\Documents and Settings\PC\Desktop\dds.txt
2013-10-07 18:05 - 2013-10-07 18:05 - 00008433 _____ C:\Documents and Settings\PC\Desktop\attach.txt
2013-10-07 18:04 - 2013-10-07 18:03 - 00688992 ____R (Swearware) C:\Documents and Settings\PC\Desktop\dds.scr
2013-10-07 17:57 - 2013-09-09 18:11 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\CPUID
2013-10-06 20:55 - 2013-10-06 20:54 - 00000000 ____D C:\Documents and Settings\PC\Desktop\prezentacije za deveti
2013-10-06 20:38 - 2013-10-06 20:11 - 00000000 ____D C:\Documents and Settings\PC\Desktop\natalija
2013-10-06 18:33 - 2013-06-23 15:31 - 00000000 ____D C:\Documents and Settings\PC\Application Data\uTorrent
2013-10-06 16:59 - 2013-10-02 16:36 - 00000000 ____D C:\Documents and Settings\PC\Desktop\naja fajlovi
2013-10-06 16:53 - 2013-10-06 15:42 - 00044032 _____ C:\Documents and Settings\PC\Desktop\evropa reljef i vode priprema
2013-10-06 15:46 - 2013-10-06 15:44 - 00000000 ____D C:\Documents and Settings\PC\Desktop\evropa priprema
2013-10-06 15:31 - 2013-09-23 19:14 - 00000000 ____D C:\Documents and Settings\PC\Desktop\EVROPA
2013-10-06 15:30 - 2013-10-06 15:30 - 00069624 _____ C:\Documents and Settings\PC\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2013-10-06 15:27 - 2013-10-06 15:27 - 00000000 _____ C:\windows\Sti_Trace.log
2013-10-06 15:26 - 2013-10-06 15:26 - 00265416 _____ C:\windows\system32\FNTCACHE.DAT
2013-10-06 14:28 - 2013-09-13 19:24 - 00000000 ____D C:\Documents and Settings\PC\Desktop\visual
2013-10-06 14:22 - 2013-10-06 14:22 - 00000000 ____D C:\Documents and Settings\PC\Application Data\Wise Care 365
2013-10-06 13:42 - 2013-10-06 13:42 - 03932214 _____ C:\Documents and Settings\PC\Desktop\internet1.bmp
2013-10-05 22:25 - 2013-10-05 19:45 - 00006711 _____ C:\Documents and Settings\PC\Desktop\попис.jpeg
2013-10-05 19:39 - 2013-01-23 21:05 - 00000897 _____ C:\Documents and Settings\PC\Start Menu\Programs\Windows Media Player.lnk
2013-10-05 19:39 - 2013-01-23 21:05 - 00000895 _____ C:\Documents and Settings\PC\Start Menu\Programs\Internet Explorer.lnk
2013-10-05 19:34 - 2013-10-05 19:34 - 00000824 _____ C:\Documents and Settings\PC\Start Menu\µTorrent.lnk
2013-10-05 19:34 - 2013-10-05 19:34 - 00000824 _____ C:\Documents and Settings\PC\Desktop\µTorrent.lnk
2013-10-05 19:33 - 2013-10-05 19:33 - 00000000 ____D C:\Documents and Settings\PC\Local Settings\Application Data\Opera
2013-10-05 19:33 - 2013-10-05 19:33 - 00000000 ____D C:\Documents and Settings\PC\Application Data\Opera
2013-10-05 19:32 - 2013-10-05 19:32 - 00001505 _____ C:\Documents and Settings\All Users\Start Menu\Programs\Opera.lnk
2013-10-05 19:32 - 2013-10-05 19:32 - 00001499 _____ C:\Documents and Settings\All Users\Desktop\Opera.lnk
2013-10-05 19:32 - 2013-10-05 19:31 - 00000000 ____D C:\Program Files\Opera
2013-10-05 17:43 - 2013-10-05 17:43 - 00000000 ____D C:\windows\OPTIONS
2013-10-05 17:43 - 2013-10-05 17:43 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Realtek
2013-10-05 17:42 - 2013-10-05 17:42 - 00000000 ____D C:\Documents and Settings\PC\Application Data\InstallShield
2013-10-05 17:40 - 2013-10-05 17:40 - 00000000 ____D C:\Documents and Settings\PC\My Documents\P5PL2-E-ASUS-1002
2013-10-05 17:14 - 2013-01-23 21:51 - 00001789 _____ C:\windows\system32\AUTOEXEC.NT
2013-10-05 17:14 - 2004-08-04 14:00 - 00000483 _____ C:\windows\system.ini
2013-10-05 13:59 - 2004-08-04 14:00 - 00000579 _____ C:\windows\win.ini
2013-10-04 20:49 - 2013-10-04 20:00 - 00000045 _____ C:\TEST.XML
2013-10-04 19:32 - 2013-01-23 21:44 - 00000000 ____D C:\windows\Resources
2013-10-04 18:52 - 2013-10-04 18:52 - 00000000 ____D C:\Documents and Settings\LocalService\Local Settings\Application Data\ESET
2013-10-04 18:42 - 2004-08-04 14:00 - 00218624 _____ (Microsoft Corporation) C:\windows\system32\uxtheme.dll
2013-10-04 18:24 - 2013-09-25 17:39 - 00000278 _____ C:\windows\Tasks\PixillionDowngrade.job
2013-10-03 15:21 - 2013-09-27 19:05 - 00000000 ____D C:\Documents and Settings\PC\My Documents\Max Payne 2 Savegames
2013-10-02 19:55 - 2013-10-02 16:31 - 00065536 _____ C:\windows\system32\config\NetLimit.evt
2013-10-02 18:50 - 2013-10-02 18:46 - 00000017 _____ C:\Documents and Settings\PC\Desktop\psihikal memori.txt
2013-10-02 16:50 - 2013-10-02 16:50 - 00000737 _____ C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk
2013-10-02 16:50 - 2013-10-02 16:50 - 00000731 _____ C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
2013-10-02 16:50 - 2013-10-02 16:50 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-10-02 16:43 - 2013-01-28 19:42 - 00000000 ____D C:\Program Files\HSPA USB MODEM
2013-10-02 16:43 - 2013-01-28 19:42 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\HSPA USB MODEM
2013-10-02 16:35 - 2013-09-30 10:49 - 00000000 ____D C:\Documents and Settings\PC\Desktop\New Folder
2013-10-02 16:35 - 2013-01-23 21:04 - 00000000 __SHD C:\Documents and Settings\LocalService
2013-10-02 16:27 - 2013-02-02 20:09 - 00000000 ____D C:\Documents and Settings\PC\Application Data\vlc
2013-10-02 16:22 - 2013-01-23 21:05 - 00000000 ____D C:\Documents and Settings\PC
2013-10-02 16:03 - 2013-07-15 19:16 - 00000000 ____D C:\windows\pss
2013-10-02 14:59 - 2013-10-02 14:59 - 00000000 ____D C:\Documents and Settings\PC\Application Data\Locktime
2013-10-02 14:55 - 2013-10-02 14:55 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Locktime
2013-10-02 14:07 - 2013-10-02 14:07 - 00000000 ____D C:\Documents and Settings\PC\Local Settings\Application Data\ESET
2013-10-01 17:46 - 2013-01-24 11:19 - 00000000 ____D C:\Documents and Settings\PC\Local Settings\Application Data\Google
2013-10-01 17:46 - 2013-01-24 11:15 - 00000000 ____D C:\Program Files\Google
2013-10-01 17:38 - 2013-01-23 21:44 - 00000000 ____D C:\windows\Help
2013-10-01 13:37 - 2013-09-12 16:23 - 00000000 ___HD C:\windows\$hf_mig$
2013-09-30 23:13 - 2013-09-30 23:13 - 00006376 _____ C:\avenger.txt
2013-09-30 23:13 - 2013-09-30 23:13 - 00000000 ____D C:\Avenger
2013-09-30 22:26 - 2013-01-28 20:02 - 00000000 ____D C:\Documents and Settings\PC\Start Menu\Programs\Mafia
2013-09-30 20:55 - 2013-09-30 19:45 - 00001945 _____ C:\windows\epplauncher.mif
2013-09-30 19:56 - 2013-03-10 13:43 - 00016384 _____ C:\Documents and Settings\PC\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-09-30 19:02 - 2013-03-10 13:39 - 00474112 ___SH C:\Documents and Settings\PC\Desktop\Thumbs.db
2013-09-29 20:50 - 2013-01-23 21:00 - 00002577 _____ C:\windows\system32\CONFIG.NT
2013-09-29 20:39 - 2013-09-29 20:38 - 00000000 ____D C:\windows\system32\AVGUARD_526aa1ee
2013-09-28 21:34 - 2013-09-28 21:34 - 00000000 __HDC C:\windows\$NtUninstallKB898461$
2013-09-28 21:34 - 2013-09-28 21:34 - 00000000 ____D C:\windows\system32\PreInstall
2013-09-28 20:44 - 2013-09-28 20:44 - 00000000 __SHD C:\Documents and Settings\PC\IECompatCache
2013-09-28 20:44 - 2013-01-23 21:00 - 00001514 _____ C:\Documents and Settings\All Users\Start Menu\Windows Update.lnk
2013-09-28 20:41 - 2013-01-23 21:52 - 00469362 _____ C:\windows\system32\PerfStringBackup.INI
2013-09-28 20:41 - 2013-01-23 21:05 - 00000745 _____ C:\Documents and Settings\PC\Start Menu\Programs\Outlook Express.lnk
2013-09-28 20:41 - 2013-01-23 21:00 - 00316640 _____ C:\windows\WMSysPr9.prx
2013-09-28 20:39 - 2013-09-28 20:39 - 00000090 _____ C:\windows\system32\spupdwxp.log
2013-09-28 20:39 - 2004-08-04 14:00 - 00002206 _____ C:\windows\system32\wpa.dbl
2013-09-28 20:37 - 2013-01-23 21:44 - 00000000 ____D C:\windows\security
2013-09-28 20:36 - 2013-09-28 19:33 - 00000000 ____D C:\acf061117b02497cfd2f94de36
2013-09-28 20:36 - 2013-01-23 21:52 - 00002675 _____ C:\windows\imsins.BAK
2013-09-28 20:31 - 2013-01-23 21:00 - 00001570 _____ C:\Documents and Settings\All Users\Start Menu\Set Program Access and Defaults.lnk
2013-09-28 20:30 - 2013-01-23 20:56 - 00000000 ___RD C:\Documents and Settings\All Users\Start Menu\Programs\Accessories
2013-09-28 20:29 - 2013-09-28 20:16 - 00000000 ____D C:\windows\ServicePackFiles
2013-09-28 20:29 - 2013-01-23 20:57 - 00000000 ____D C:\Program Files\Messenger
2013-09-28 20:28 - 2013-01-23 21:44 - 00000000 ____D C:\windows\system32\inetsrv
2013-09-28 20:28 - 2013-01-23 21:44 - 00000000 ____D C:\windows\ime
2013-09-28 20:27 - 2013-09-28 20:27 - 00000000 ____D C:\windows\system32\scripting
2013-09-28 20:27 - 2013-09-28 20:27 - 00000000 ____D C:\windows\system32\bits
2013-09-28 20:27 - 2013-09-28 20:27 - 00000000 ____D C:\windows\l2schemas
2013-09-28 20:27 - 2013-01-23 21:44 - 00000000 ____D C:\windows\system32\usmt
2013-09-28 20:27 - 2013-01-23 21:44 - 00000000 ____D C:\windows\PeerNet
2013-09-28 20:27 - 2013-01-23 20:58 - 00000000 ____D C:\Program Files\Movie Maker
2013-09-28 20:16 - 2013-01-23 21:44 - 00000000 ____D C:\windows\system32\npp
2013-09-28 20:16 - 2013-01-23 21:44 - 00000000 ____D C:\windows\mui
2013-09-28 20:16 - 2013-01-23 21:44 - 00000000 ____D C:\windows\msagent
2013-09-28 20:16 - 2013-01-23 20:58 - 00000000 ____D C:\windows\system32\Restore
2013-09-28 20:15 - 2013-01-23 20:58 - 00000000 ____D C:\windows\srchasst
2013-09-28 20:15 - 2013-01-23 20:58 - 00000000 ____D C:\Program Files\Outlook Express
2013-09-28 20:15 - 2013-01-23 20:58 - 00000000 ____D C:\Program Files\NetMeeting
2013-09-28 20:15 - 2013-01-23 20:58 - 00000000 ____D C:\Program Files\Common Files\System
2013-09-28 20:15 - 2013-01-23 20:56 - 00000000 ____D C:\windows\system32\Com
2013-09-28 20:15 - 2013-01-23 20:56 - 00000000 ____D C:\Program Files\Windows NT
2013-09-28 20:14 - 2013-01-23 21:44 - 00000000 ____D C:\windows\system
2013-09-28 20:07 - 2004-08-04 14:00 - 00250048 __RSH C:\ntldr
2013-09-28 20:05 - 2013-01-24 10:37 - 00000000 ____D C:\windows\system32\ReinstallBackups
2013-09-28 20:04 - 2013-09-28 19:51 - 00000000 __HDC C:\windows\$NtServicePackUninstall$
2013-09-28 12:34 - 2013-09-16 19:36 - 00000000 ____D C:\Documents and Settings\PC\Application Data\IconTweaker
2013-09-27 20:56 - 2013-09-27 20:56 - 00000000 ____D C:\Program Files\Free Download Manager
2013-09-27 20:56 - 2013-09-27 20:56 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Free Download Manager
2013-09-27 20:13 - 2013-09-27 20:13 - 00001890 _____ C:\windows\diagwrn.xml
2013-09-27 20:13 - 2013-09-27 20:13 - 00001890 _____ C:\windows\diagerr.xml
2013-09-27 19:03 - 2013-09-27 19:03 - 00000421 _____ C:\Documents and Settings\All Users\Desktop\Max Payne 2.lnk
2013-09-27 19:03 - 2013-08-27 16:26 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Rockstar Games
2013-09-27 18:50 - 2013-02-06 21:13 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2013-09-26 20:28 - 2013-06-11 19:01 - 00000000 ____D C:\Documents and Settings\PC\Application Data\Audacity
2013-09-26 17:02 - 2004-08-04 14:00 - 00006656 _____ C:\windows\system32\lpcio.dll
2013-09-26 16:44 - 2013-09-26 16:44 - 00000000 ____D C:\Documents and Settings\PC\Local Settings\Application Data\Help
2013-09-25 18:24 - 2013-08-02 19:43 - 00000000 ____D C:\windows\system32\NtmsData
2013-09-25 17:30 - 2013-09-23 19:15 - 00000000 ____D C:\Documents and Settings\PC\Desktop\izborna
2013-09-24 18:41 - 2013-09-24 18:41 - 00002441 _____ C:\DelFix.txt
2013-09-24 17:36 - 2013-09-24 17:34 - 00000000 ____D C:\kopija
2013-09-23 19:25 - 2013-02-22 21:31 - 00007096 ___SH C:\Documents and Settings\PC\Start Menu\Programs\OneNote Table Of Contents.onetoc2
2013-09-23 19:14 - 2013-09-23 19:14 - 00000000 ____D C:\Documents and Settings\PC\Desktop\ZAPAD. I SEV.E
2013-09-23 19:14 - 2013-09-23 19:14 - 00000000 ____D C:\Documents and Settings\PC\Desktop\SREDNJA E
2013-09-23 19:14 - 2013-09-23 19:14 - 00000000 ____D C:\Documents and Settings\PC\Desktop\JUŽNA E
2013-09-23 19:14 - 2013-09-23 19:14 - 00000000 ____D C:\Documents and Settings\PC\Desktop\ISTOČNA E
2013-09-23 19:12 - 2013-09-23 19:12 - 00000000 ____D C:\Documents and Settings\PC\Desktop\Zupa, izlozba starina 2008
2013-09-22 17:30 - 2013-09-13 18:49 - 00065536 _____ C:\windows\system32\config\TuneUp.evt
2013-09-22 17:04 - 2013-09-13 18:46 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\TuneUp Software
2013-09-22 16:51 - 2013-09-10 17:17 - 00000000 ____D C:\AdwCleaner
2013-09-22 16:04 - 2013-09-22 16:04 - 00000000 __SHD C:\Documents and Settings\Administrator\IETldCache
2013-09-22 16:04 - 2013-09-22 16:03 - 00000000 ____D C:\Documents and Settings\Administrator
2013-09-22 16:03 - 2013-09-22 16:03 - 00000884 __RSH C:\Documents and Settings\Administrator\ntuser.pol
2013-09-22 16:03 - 2013-09-22 16:03 - 00000020 ___SH C:\Documents and Settings\Administrator\ntuser.ini
2013-09-22 16:03 - 2013-09-22 16:03 - 00000000 ____D C:\windows\CSC
2013-09-22 11:49 - 2013-09-18 15:20 - 00000000 ____D C:\Documents and Settings\PC\Start Menu\Programs\BitLord
2013-09-21 21:42 - 2013-09-21 21:42 - 00000088 _____ C:\Documents and Settings\PC\12486963251304217549.log
2013-09-21 16:58 - 2013-09-21 16:58 - 00000884 __RSH C:\Documents and Settings\PC\ntuser.pol
2013-09-21 16:36 - 2013-09-18 15:20 - 00000000 ____D C:\Documents and Settings\PC\Application Data\BitLord
2013-09-21 16:32 - 2013-09-18 15:19 - 00000000 ____D C:\Documents and Settings\PC\My Documents\BitLord
2013-09-21 15:17 - 2013-09-20 19:55 - 00013464 _____ C:\windows\system32\Drivers\SWDUMon.sys
2013-09-21 11:13 - 2013-09-21 11:13 - 00023456 _____ (Phoenix Technologies) C:\windows\system32\Drivers\DrvAgent32.sys
2013-09-21 11:13 - 2013-09-21 11:13 - 00000000 ____D C:\Documents and Settings\PC\Local Settings\Application Data\eSupport.com
2013-09-21 10:26 - 2013-09-02 17:03 - 00000000 ____D C:\Documents and Settings\PC\Start Menu\Programs\NCH Software Suite
2013-09-20 20:03 - 2013-09-20 20:03 - 00000000 ____D C:\Program Files\Realtek
2013-09-20 19:54 - 2013-09-20 19:54 - 00000000 ____D C:\Documents and Settings\PC\Local Settings\Application Data\SlimWare Utilities Inc
2013-09-20 19:49 - 2013-09-20 19:49 - 00000000 ____D C:\Documents and Settings\All Users\Documents\Downloaded Installers
2013-09-20 19:09 - 2013-09-20 19:09 - 00000000 __HDC C:\windows\$NtUninstallKB884020$
2013-09-20 19:08 - 2013-09-20 19:08 - 00000000 ____D C:\9ae28e166f0b1ac215ec60
2013-09-20 18:45 - 2013-03-06 20:21 - 00000000 __SHD C:\Documents and Settings\PC\UserData
2013-09-19 20:13 - 2013-09-19 20:01 - 00000000 ____D C:\Documents and Settings\PC\Desktop\pjesme za liki
2013-09-19 18:37 - 2013-08-29 18:14 - 00000000 ____D C:\windows\Microsoft.NET
2013-09-19 18:37 - 2013-01-23 20:59 - 00000000 ____D C:\windows\system32\DirectX
2013-09-19 18:18 - 2013-09-19 18:18 - 00000000 ____D C:\Program Files\Activision
2013-09-19 18:11 - 2013-09-19 15:14 - 00000000 ____D C:\Documents and Settings\PC\Desktop\indija
2013-09-18 15:31 - 2013-09-18 15:31 - 00000854 _____ C:\Documents and Settings\PC\Local Settings\Application Data\recently-used.xbel
2013-09-18 15:21 - 2013-09-18 15:21 - 00000000 ____D C:\Documents and Settings\PC\Application Data\Python-Eggs
2013-09-18 14:37 - 2013-06-30 13:08 - 00000000 ____D C:\Documents and Settings\PC\Application Data\BitTorrent
2013-09-18 14:26 - 2013-08-05 23:49 - 00000000 ___RD C:\Documents and Settings\PC\Desktop\sve ostalo
2013-09-17 22:50 - 2013-09-16 14:52 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\SkypEmoticons
2013-09-16 19:34 - 2013-09-16 19:34 - 00000812 _____ C:\Documents and Settings\All Users\Start Menu\Programs\Express Zip.lnk
2013-09-16 19:34 - 2013-09-16 19:34 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Utilities
2013-09-16 19:34 - 2013-09-16 19:34 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\NCH Software Suite
2013-09-16 19:34 - 2013-09-02 17:03 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\NCH Software
2013-09-16 19:34 - 2013-07-31 20:45 - 00000000 ____D C:\Program Files\NCH Software
2013-09-16 19:27 - 2013-09-13 19:21 - 00000000 ___HD C:\windows\Icons
2013-09-16 18:54 - 2013-09-16 18:54 - 00000000 ____D C:\Documents and Settings\LocalService\Application Data\TuneUp Software
2013-09-15 19:59 - 2013-09-12 16:23 - 00000000 __HDC C:\windows\$NtUninstallKB932823-v3$
2013-09-15 19:59 - 2013-01-24 11:27 - 00000000 __HDC C:\windows\$NtUninstallKB952011$
2013-09-14 17:05 - 2013-09-09 18:11 - 00000000 ____D C:\Program Files\CPUID
2013-09-13 19:59 - 2013-08-17 22:07 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Google Chrome
2013-09-13 19:13 - 2013-09-13 18:47 - 00000000 ____D C:\Documents and Settings\PC\Application Data\TuneUp Software
2013-09-13 19:08 - 2013-09-13 18:42 - 00000000 __SHD C:\Documents and Settings\All Users\Application Data\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
2013-09-13 18:29 - 2013-01-24 11:29 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Microsoft Help
2013-09-13 17:15 - 2013-09-13 17:07 - 00000000 ____D C:\log fajlovi
2013-09-12 16:38 - 2013-09-12 16:38 - 00000000 __SHD C:\Documents and Settings\PC\PrivacIE
2013-09-12 16:36 - 2013-09-12 16:36 - 00000000 __SHD C:\Documents and Settings\PC\IETldCache
2013-09-12 16:36 - 2013-01-23 21:05 - 00000000 ___RD C:\Documents and Settings\PC\Start Menu\Programs\Accessories
2013-09-12 16:35 - 2013-09-12 16:34 - 00065536 _____ C:\windows\system32\config\Internet.evt
2013-09-12 16:34 - 2013-09-12 16:32 - 00000000 __HDC C:\windows\ie8
2013-09-12 16:33 - 2013-01-23 21:44 - 00000000 ____D C:\windows\Media
2013-09-11 15:19 - 2013-09-11 15:19 - 00022560 _____ (REALiX(tm)) C:\windows\system32\Drivers\HWiNFO32.SYS
2013-09-11 15:18 - 2013-09-11 15:18 - 00000000 ____D C:\Program Files\HWiNFO32
2013-09-11 15:18 - 2013-09-11 15:18 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\HWiNFO32
2013-09-10 19:07 - 2013-03-10 12:19 - 00692616 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerApp.exe
2013-09-10 19:07 - 2013-03-10 12:19 - 00071048 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerCPLApp.cpl

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe
[2004-08-04 14:00] - [2008-04-14 05:42] - 0108544 ____A (Microsoft Corporation) 0e776ed5f7cc9f94299e70461b7b8185

C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== End Of Log ============================
addition:

https://www.mycity.rs/must-login.png

Dopuna: 08 Okt 2013 13:43

tdss:

https://www.mycity.rs/must-login.png

rip
  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 27 Apr 2008
  • Poruke: 9160
  • Gde živiš: Prokuplje

Otvori Notepad i iskopiraj sledeći tekst koji se nalazi unutar osenčenog prostora.


Start
MountPoints2: {0636c47e-9d04-11e2-8781-001a92453887} - F:\autorun.exe
AppInit_DLLs: c:\docume~1\alluse~1\applic~1\bitguard\261673~1.238\{c16c1~1\bitguard.dll [ ] ()
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope 3AC374FC-8DCB-4AE5-8637-483CDFE8E029 URL = http://searchou.com/q=
SearchScopes: HKCU - 3AC374FC-8DCB-4AE5-8637-483CDFE8E029 URL = http://searchou.com/q=
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
Folder: C:\9ae28e166f0b1ac215ec60
File: C:\Windows\System32\services.exe



U okviru Notepad-a klikni na File --> Save As
Fajl nazovi Fixlist i sačuvaj na Desktop
Dvoklikom ponovo pokreni FRST.exe
Klikni na Fix i sačekaj dok program ne završi.
Ukoliko program zatraži restart računara, omogući mu da to nesmetano obavi.
Nakon završetka rada, otvoriće se Notepad, sa sadržajem koji treba da kopiraš u temu.
Takođe, na Desktop-u će se nalaziti (fixlog.txt).

Potrebno je da fixlog.txt kopiras na forum

offline
  • Pridružio: 02 Sep 2013
  • Poruke: 496

evo:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 03-10-2013
Ran by PC at 2013-10-08 14:16:10 Run:1
Running from C:\Documents and Settings\PC\Desktop
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Start
MountPoints2: {0636c47e-9d04-11e2-8781-001a92453887} - F:\autorun.exe
AppInit_DLLs: c:\docume~1\alluse~1\applic~1\bitguard\261673~1.238\{c16c1~1\bitguard.dll [ ] ()
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope 3AC374FC-8DCB-4AE5-8637-483CDFE8E029 URL = http://searchou.com/q=
SearchScopes: HKCU - 3AC374FC-8DCB-4AE5-8637-483CDFE8E029 URL = http://searchou.com/q=
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
Folder: C:\9ae28e166f0b1ac215ec60
File: C:\Windows\System32\services.exe
*****************

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0636c47e-9d04-11e2-8781-001a92453887} => Key deleted successfully.
HKCR\CLSID\{0636c47e-9d04-11e2-8781-001a92453887} => Key not found.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\3AC374FC-8DCB-4AE5-8637-483CDFE8E029 => Key deleted successfully.
HKCR\Wow6432Node\CLSID\3AC374FC-8DCB-4AE5-8637-483CDFE8E029 => Key not found.
HKLM\SOFTWARE\Policies\Google => Key deleted successfully.
HKCU\SOFTWARE\Policies\Google => Key deleted successfully.

========================= Folder: C:\9ae28e166f0b1ac215ec60 ========================

2013-09-20 19:08 - 2013-09-20 19:08 - 0000000 ____D () C:\9ae28e166f0b1ac215ec60\sp2qfe
2013-09-20 19:08 - 2013-09-20 19:08 - 0000000 ____D () C:\9ae28e166f0b1ac215ec60\update
2013-09-20 19:08 - 2004-07-29 01:15 - 0007168 ____A (Microsoft Corporation) C:\9ae28e166f0b1ac215ec60\spmsg.dll
2013-09-20 19:08 - 2004-08-07 06:30 - 0169984 ____A (Microsoft Corporation) C:\9ae28e166f0b1ac215ec60\spuninst.exe
2013-09-20 19:08 - 2004-08-07 07:41 - 0000668 ____A () C:\9ae28e166f0b1ac215ec60\update\branches.inf
2013-09-20 19:08 - 2004-07-19 21:42 - 0004092 ____A () C:\9ae28e166f0b1ac215ec60\update\eula.txt
2013-09-20 19:08 - 2004-08-14 02:02 - 0009782 ____A () C:\9ae28e166f0b1ac215ec60\update\KB884020.CAT
2004-08-06 21:30 - 2004-08-06 21:30 - 0021504 ____A (Microsoft Corporation) C:\9ae28e166f0b1ac215ec60\update\spcustom.dll
2013-09-20 19:08 - 2004-07-29 01:15 - 0654336 ____A (Microsoft Corporation) C:\9ae28e166f0b1ac215ec60\update\update.exe
2004-08-13 17:07 - 2004-08-13 17:07 - 0000109 ____A () C:\9ae28e166f0b1ac215ec60\update\update.ver
2013-09-20 19:08 - 2004-08-14 01:53 - 0000389 ____A () C:\9ae28e166f0b1ac215ec60\update\updatebr.inf
2013-09-20 19:08 - 2004-08-14 01:55 - 0008731 ____A () C:\9ae28e166f0b1ac215ec60\update\update_SP2QFE.inf
2013-09-20 19:08 - 2004-08-14 00:50 - 0359040 ____A (Microsoft Corporation) C:\9ae28e166f0b1ac215ec60\sp2qfe\tcpip.sys

====== End of Folder: ======


========================= File: C:\Windows\System32\services.exe ========================

MD5: 0e776ed5f7cc9f94299e70461b7b8185
Creation and modification date: 2004-08-04 14:00 - 2008-04-14 05:42
Size: 0108544
Attributes: ----A
Company Name: Microsoft Corporation
Internal Name: services.exe
Original Name: services.exe
Product Name: Microsoft® Windows® Operating System
Description: Services and Controller app
File Version: 5.1.2600.5512 (xpsp.080413-2111)
Product Version: 5.1.2600.5512
Copyright: © Microsoft Corporation. All rights reserved.

====== End Of File: ======


==== End of Fixlog ====

rip
  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 27 Apr 2008
  • Poruke: 9160
  • Gde živiš: Prokuplje

Mozemo da uradimo jos jednu proveru, ali moje licno misljenje je da uzrok problema nije malware.

offline
  • Pridružio: 02 Sep 2013
  • Poruke: 496

slozio bih se sa tobom Wink

rip
  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 27 Apr 2008
  • Poruke: 9160
  • Gde živiš: Prokuplje

Preuzmi "Xplode"-ov DelFix i sačuvaj ga na Desktop

Dvoklikom pokreni program.

Štikliraj sledeće opcije:
Remove disinfection tools
Purge System Restore
Reset system settings


Klikni na dugme "Run" i pričekaj da program završi rad.
Alat ce ukloniti sve koriscene alate u ovoj temi...
Kada alat završi, otvoriće izvestaj u notepadu.
Napomena: Izvestaj ce takodje biti sacuvan na C:\DelFix.txt

Nije potrebno dostavljati izvestaj.








Preuzmi TFC (Temp File Cleaner) i sacuvaj ga na Desktop.
Dvoklikom pokreni program i klikni na dugme Start da bi dozvolio programu da otpocne skeniranje.
Kada program zavrsi skeniranje,mozda ce zatraziti da restartujes racunar. Dozvoli mu.

Napomena: Kada zavrsis sa ciscenjem temp fajlova,program mozes obrisati ili ga sacuvati za kasniju upotrebu.

Ko je trenutno na forumu
 

Ukupno su 532 korisnika na forumu :: 7 registrovanih, 0 sakrivenih i 525 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: cikadeda, dane007, havoc995, LUDI, Marko Marković, Snorks, Zi0mek